[Asterisk-code-review] security-events: Fix SuccessfulAuth using password declaration. (asterisk[15])

Richard Mudgett asteriskteam at digium.com
Mon Dec 4 17:21:15 CST 2017 

Richard Mudgett has uploaded this change for review. ( https://gerrit.asterisk.org/7444


Change subject: security-events: Fix SuccessfulAuth using_password declaration.
......................................................................

security-events: Fix SuccessfulAuth using_password declaration.

The SuccessfulAuth using_password field was declared as a pointer to a
uint32_t when the field was later read as a uint32_t value.  This resulted
in unnecessary casts and a non-portable field value reinterpret in
main/security_events.c:add_json_object().  i.e., It would work on a 32 bit
architecture but not on a 64 bit big endian architecture.

Change-Id: Ia08bc797613a62f07e5473425f9ccd8d77c80935
---
M channels/sip/include/security_events.h
M channels/sip/security_events.c
M include/asterisk/security_events_defs.h
M res/res_pjsip/security_events.c
4 files changed, 8 insertions(+), 7 deletions(-)



  git pull ssh://gerrit.asterisk.org:29418/asterisk refs/changes/44/7444/1

diff --git a/channels/sip/include/security_events.h b/channels/sip/include/security_events.h
index 1d0f58b..9f4bb2e 100644
--- a/channels/sip/include/security_events.h
+++ b/channels/sip/include/security_events.h
@@ -32,7 +32,7 @@
 void sip_report_invalid_peer(const struct sip_pvt *p);
 void sip_report_failed_acl(const struct sip_pvt *p, const char *aclname);
 void sip_report_inval_password(const struct sip_pvt *p, const char *responsechallenge, const char *responsehash);
-void sip_report_auth_success(const struct sip_pvt *p, uint32_t *using_password);
+void sip_report_auth_success(const struct sip_pvt *p, uint32_t using_password);
 void sip_report_session_limit(const struct sip_pvt *p);
 void sip_report_failed_challenge_response(const struct sip_pvt *p, const char *response, const char *expected_response);
 void sip_report_chal_sent(const struct sip_pvt *p);
diff --git a/channels/sip/security_events.c b/channels/sip/security_events.c
index b51c473..86ab6c2f 100644
--- a/channels/sip/security_events.c
+++ b/channels/sip/security_events.c
@@ -120,7 +120,7 @@
         ast_security_event_report(AST_SEC_EVT(&inval_password));
 }
 
-void sip_report_auth_success(const struct sip_pvt *p, uint32_t *using_password)
+void sip_report_auth_success(const struct sip_pvt *p, uint32_t using_password)
 {
         char session_id[32];
 
@@ -269,7 +269,8 @@
 }
 
 int sip_report_security_event(const char *peer, struct ast_sockaddr *addr, const struct sip_pvt *p,
-			      const struct sip_request *req, const int res) {
+    const struct sip_request *req, const int res)
+{
 
 	struct sip_peer *peer_report;
 	enum check_auth_result res_report = res;
@@ -295,9 +296,9 @@
 	case AUTH_SUCCESSFUL:
 		if (peer_report) {
 			if (ast_strlen_zero(peer_report->secret) && ast_strlen_zero(peer_report->md5secret)) {
-			sip_report_auth_success(p, (uint32_t *) 0);
+				sip_report_auth_success(p, 0);
 			} else {
-				sip_report_auth_success(p, (uint32_t *) 1);
+				sip_report_auth_success(p, 1);
 			}
 		}
 		break;
diff --git a/include/asterisk/security_events_defs.h b/include/asterisk/security_events_defs.h
index 30a7136..1cae046 100644
--- a/include/asterisk/security_events_defs.h
+++ b/include/asterisk/security_events_defs.h
@@ -394,7 +394,7 @@
 	 * \brief Using password - if a password was used or not
 	 * \note required, 0 = no, 1 = yes
 	 */
-	uint32_t *using_password;
+	uint32_t using_password;
 };
 
 /*!
diff --git a/res/res_pjsip/security_events.c b/res/res_pjsip/security_events.c
index ea3810b..b31445b 100644
--- a/res/res_pjsip/security_events.c
+++ b/res/res_pjsip/security_events.c
@@ -186,7 +186,7 @@
 					.transport  = transport,
 			},
 			.common.session_id  = call_id,
-			.using_password     = auth ? (uint32_t *)1 : (uint32_t *)0,
+			.using_password     = auth ? 1 : 0,
 	};
 
 	security_event_populate(rdata, call_id, sizeof(call_id), &local, &remote);

-- 
To view, visit https://gerrit.asterisk.org/7444
To unsubscribe, visit https://gerrit.asterisk.org/settings

Gerrit-Project: asterisk
Gerrit-Branch: 15
Gerrit-MessageType: newchange
Gerrit-Change-Id: Ia08bc797613a62f07e5473425f9ccd8d77c80935
Gerrit-Change-Number: 7444
Gerrit-PatchSet: 1
Gerrit-Owner: Richard Mudgett <rmudgett at digium.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-code-review/attachments/20171204/d4891175/attachment.html>

More information about the asterisk-code-review mailing list