[Asterisk-code-review] AST-2017-002: Ensure transaction key buffer is large enough. (asterisk[certified/13.13])

Matthew Fredrickson asteriskteam at digium.com
Fri May 19 11:36:57 CDT 2017 

Matthew Fredrickson has uploaded a new change for review. ( https://gerrit.asterisk.org/5668 )

Change subject: AST-2017-002: Ensure transaction key buffer is large enough.
......................................................................

AST-2017-002: Ensure transaction key buffer is large enough.

ASTERISK-26938 #close

Change-Id: I266490792fd8896a23be7cb92f316b7e69356413
---
A third-party/pjproject/patches/0059-Ensure-2543-transaction-key-buffer-is-large-enough.patch
1 file changed, 29 insertions(+), 0 deletions(-)


  git pull ssh://gerrit.asterisk.org:29418/asterisk refs/changes/68/5668/1

diff --git a/third-party/pjproject/patches/0059-Ensure-2543-transaction-key-buffer-is-large-enough.patch b/third-party/pjproject/patches/0059-Ensure-2543-transaction-key-buffer-is-large-enough.patch
new file mode 100644
index 0000000..eb5a7db
--- /dev/null
+++ b/third-party/pjproject/patches/0059-Ensure-2543-transaction-key-buffer-is-large-enough.patch
@@ -0,0 +1,29 @@
+From b5f0f8868363c482a2c4ce343e3ee6ad256b0708 Mon Sep 17 00:00:00 2001
+From: Mark Michelson <mmichelson at digium.com>
+Date: Thu, 13 Apr 2017 16:20:07 -0500
+Subject: [PATCH] Ensure 2543 transaction key buffer is large enough.
+
+The CSeq method length needs to be factored into the allocated buffer
+length. Otherwise, the buffer may not be large enough to accommodate the
+entire key.
+---
+ pjsip/src/pjsip/sip_transaction.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/pjsip/src/pjsip/sip_transaction.c b/pjsip/src/pjsip/sip_transaction.c
+index c1750dc..2200d8d 100644
+--- a/pjsip/src/pjsip/sip_transaction.c
++++ b/pjsip/src/pjsip/sip_transaction.c
+@@ -288,7 +288,8 @@ static pj_status_t create_tsx_key_2543( pj_pool_t *pool,
+     host = &rdata->msg_info.via->sent_by.host;
+ 
+     /* Calculate length required. */
+-    len_required = 9 +			    /* CSeq number */
++    len_required = method->name.slen +	    /* Method */
++		   9 +			    /* CSeq number */
+ 		   rdata->msg_info.from->tag.slen +   /* From tag. */
+ 		   rdata->msg_info.cid->id.slen +    /* Call-ID */
+ 		   host->slen +		    /* Via host. */
+-- 
+1.9.1
+

-- 
To view, visit https://gerrit.asterisk.org/5668
To unsubscribe, visit https://gerrit.asterisk.org/settings

Gerrit-MessageType: newchange
Gerrit-Change-Id: I266490792fd8896a23be7cb92f316b7e69356413
Gerrit-PatchSet: 1
Gerrit-Project: asterisk
Gerrit-Branch: certified/13.13
Gerrit-Owner: Matthew Fredrickson <creslin at digium.com>
Gerrit-Reviewer: Mark Michelson <mmichelson at digium.com>

More information about the asterisk-code-review mailing list