[Asterisk-code-review] AST-2015-006 udptl.c: Fix uninitialized values. (asterisk[11.21])

Kevin Harwell asteriskteam at digium.com
Wed Feb 3 14:23:07 CST 2016


Kevin Harwell has uploaded a new change for review.

  https://gerrit.asterisk.org/2188

Change subject: AST-2015-006 udptl.c: Fix uninitialized values.
......................................................................

AST-2015-006 udptl.c: Fix uninitialized values.

Sending UDPTL packets to Asterisk with the right amount of missing
sequence numbers and enough redundant 0-length IFP packets, can make
Asterisk crash.

ASTERISK-25603 #close
Reported by: Walter Doekes

ASTERISK-25742 #close
Reported by: Torrey Searle

Change-Id: I97df8375041be986f3f266ac1946a538023a5255
---
M main/udptl.c
1 file changed, 7 insertions(+), 8 deletions(-)


  git pull ssh://gerrit.asterisk.org:29418/asterisk refs/changes/88/2188/1

diff --git a/main/udptl.c b/main/udptl.c
index 76fc2fb..d308bff 100644
--- a/main/udptl.c
+++ b/main/udptl.c
@@ -263,16 +263,15 @@
 	if (decode_length(buf, limit, len, &octet_cnt) != 0)
 		return -1;
 
-	if (octet_cnt > 0) {
-		/* Make sure the buffer contains at least the number of bits requested */
-		if ((*len + octet_cnt) > limit)
-			return -1;
-
-		*p_num_octets = octet_cnt;
-		*p_object = &buf[*len];
-		*len += octet_cnt;
+	/* Make sure the buffer contains at least the number of bits requested */
+	if ((*len + octet_cnt) > limit) {
+		return -1;
 	}
 
+	*p_num_octets = octet_cnt;
+	*p_object = &buf[*len];
+	*len += octet_cnt;
+
 	return 0;
 }
 /*- End of function --------------------------------------------------------*/

-- 
To view, visit https://gerrit.asterisk.org/2188
To unsubscribe, visit https://gerrit.asterisk.org/settings

Gerrit-MessageType: newchange
Gerrit-Change-Id: I97df8375041be986f3f266ac1946a538023a5255
Gerrit-PatchSet: 1
Gerrit-Project: asterisk
Gerrit-Branch: 11.21
Gerrit-Owner: Kevin Harwell <kharwell at digium.com>
Gerrit-Reviewer: Richard Mudgett <rmudgett at digium.com>



More information about the asterisk-code-review mailing list