[asterisk-commits] may: branch 10 r333962 - /branches/10/addons/ooh323c/src/ooh323.c
SVN commits to the Asterisk project
asterisk-commits at lists.digium.com
Tue Aug 30 16:53:45 CDT 2011
Author: may
Date: Tue Aug 30 16:53:42 2011
New Revision: 333962
URL: http://svnview.digium.com/svn/asterisk?view=rev&rev=333962
Log:
security fix. really drop call if signalling addr is not same as socket
addr
Modified:
branches/10/addons/ooh323c/src/ooh323.c
Modified: branches/10/addons/ooh323c/src/ooh323.c
URL: http://svnview.digium.com/svn/asterisk/branches/10/addons/ooh323c/src/ooh323.c?view=diff&rev=333962&r1=333961&r2=333962
==============================================================================
--- branches/10/addons/ooh323c/src/ooh323.c (original)
+++ branches/10/addons/ooh323c/src/ooh323.c Tue Aug 30 16:53:42 2011
@@ -371,7 +371,7 @@
H225TransportAddress_ip6Address_ip *ip6 = NULL;
Q931InformationElement* pDisplayIE=NULL;
OOAliases *pAlias=NULL;
- char remoteIP[2+8*4+7];
+ char remoteIP[2+8*4+7] = "";
call->callReference = q931Msg->callReference;
@@ -529,6 +529,7 @@
OOTRACEERR5("ERROR: Security denial remote sig IP isn't a socket ip, %s not %s "
"(%s, %s)\n", remoteIP, call->remoteIP, call->callType,
call->callToken);
+ return OO_FAILED;
}
/* check for fast start */
More information about the asterisk-commits
mailing list