[asterisk-commits] kharwell: branch kharwell/pimp_sip_video r384365 - in /team/kharwell/pimp_sip...

SVN commits to the Asterisk project asterisk-commits at lists.digium.com
Fri Mar 29 15:04:57 CDT 2013


Author: kharwell
Date: Fri Mar 29 15:04:53 2013
New Revision: 384365

URL: http://svnview.digium.com/svn/asterisk?view=rev&rev=384365
Log:
Multiple revisions 384120,384164

........
  r384120 | mjordan | 2013-03-27 13:52:16 -0500 (Wed, 27 Mar 2013) | 20 lines
  
  Fix a file descriptor leak in off nominal path
  
  While looking at the security vulnerability in ASTERISK-20967, Walter noticed
  a file descriptor leak and some other issues in off nominal code paths. This
  patch corrects them.
  
  Note that this patch is not related to the vulnerability in ASTERISK-20967,
  but the patch was placed on that issue.
  
  (closes issue ASTERISK-20967)
  Reported by: wdoekes
  patches:
    issueA20967_file_leak_and_unused_wkspace.patch uploaded by wdoekes (License 5674)
  ........
  
  Merged revisions 384118 from http://svn.asterisk.org/svn/asterisk/branches/1.8
  ........
  
  Merged revisions 384119 from http://svn.asterisk.org/svn/asterisk/branches/11
........
  r384164 | kmoore | 2013-03-27 14:52:19 -0500 (Wed, 27 Mar 2013) | 8 lines
  
  Address uninitialized conditional that valgrind found
  ........
  
  Merged revisions 384162 from http://svn.asterisk.org/svn/asterisk/branches/1.8
  ........
  
  Merged revisions 384163 from http://svn.asterisk.org/svn/asterisk/branches/11
........

Merged revisions 384120,384164 from http://svn.asterisk.org/svn/asterisk/trunk

Modified:
    team/kharwell/pimp_sip_video/   (props changed)
    team/kharwell/pimp_sip_video/channels/chan_sip.c
    team/kharwell/pimp_sip_video/main/format_pref.c
    team/kharwell/pimp_sip_video/main/http.c

Propchange: team/kharwell/pimp_sip_video/
------------------------------------------------------------------------------
Binary property 'branch-11-merged' - no diff available.

Propchange: team/kharwell/pimp_sip_video/
------------------------------------------------------------------------------
--- svnmerge-integrated (original)
+++ svnmerge-integrated Fri Mar 29 15:04:53 2013
@@ -1,1 +1,1 @@
-/trunk:1-384103
+/trunk:1-384200

Modified: team/kharwell/pimp_sip_video/channels/chan_sip.c
URL: http://svnview.digium.com/svn/asterisk/team/kharwell/pimp_sip_video/channels/chan_sip.c?view=diff&rev=384365&r1=384364&r2=384365
==============================================================================
--- team/kharwell/pimp_sip_video/channels/chan_sip.c (original)
+++ team/kharwell/pimp_sip_video/channels/chan_sip.c Fri Mar 29 15:04:53 2013
@@ -25683,7 +25683,7 @@
 
 	/* Session-Timers */
 	if ((p->sipoptions & SIP_OPT_TIMER)) {
-		enum st_refresher_param st_ref_param;
+		enum st_refresher_param st_ref_param = SESSION_TIMER_REFRESHER_PARAM_UNKNOWN;
 
 		/* The UAC has requested session-timers for this session. Negotiate
 		the session refresh interval and who will be the refresher */

Modified: team/kharwell/pimp_sip_video/main/format_pref.c
URL: http://svnview.digium.com/svn/asterisk/team/kharwell/pimp_sip_video/main/format_pref.c?view=diff&rev=384365&r1=384364&r2=384365
==============================================================================
--- team/kharwell/pimp_sip_video/main/format_pref.c (original)
+++ team/kharwell/pimp_sip_video/main/format_pref.c Fri Mar 29 15:04:53 2013
@@ -317,7 +317,7 @@
 /*! \brief Pick a codec */
 struct ast_format *ast_codec_choose(struct ast_codec_pref *pref, struct ast_format_cap *cap, int find_best, struct ast_format *result)
 {
-	int x, slot, found;
+	int x, slot, found = 0;
 	size_t f_len = 0;
 	const struct ast_format_list *f_list = ast_format_list_get(&f_len);
 

Modified: team/kharwell/pimp_sip_video/main/http.c
URL: http://svnview.digium.com/svn/asterisk/team/kharwell/pimp_sip_video/main/http.c?view=diff&rev=384365&r1=384364&r2=384365
==============================================================================
--- team/kharwell/pimp_sip_video/main/http.c (original)
+++ team/kharwell/pimp_sip_video/main/http.c Fri Mar 29 15:04:53 2013
@@ -237,7 +237,7 @@
 		goto out403;
 	}
 
-	/* Disallow any funny filenames at all */
+	/* Disallow any funny filenames at all (checking first character only??) */
 	if ((uri[0] < 33) || strchr("./|~@#$%^&*() \t", uri[0])) {
 		goto out403;
 	}
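Review bot: The reworded comment above the `uri[0]` test ends in a question ("checking first character only??") instead of stating what the test guarantees, so a reader still has to work out whether the rest of the URI is validated. As written, the test inspects only the first byte. If later characters are screened elsewhere in the function, which lies outside this hunk, the comment should say so, e.g. `/* Reject a URI whose first byte is a control character, space or one of ./|~@#$%^&*(); later bytes are not examined by this test */`. If nothing else screens the remainder, that is a missing check deserving its own fix rather than a comment.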
@@ -252,6 +252,7 @@
 
 	if (!(mtype = ast_http_ftype2mtype(ftype))) {
 		snprintf(wkspace, sizeof(wkspace), "text/%s", S_OR(ftype, "plain"));
+		mtype = wkspace;
 	}
 
 	/* Cap maximum length */
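Review bot: With `mtype = wkspace;` the fallback string `text/<ftype>` becomes the media type actually used, and `ftype` is not validated in the visible lines. Where `ftype` is set is outside the hunk, but if it is derived from the request URI and `mtype` is later written into the Content-Type header, it should first be restricted to a conservative character set (alphanumerics), with anything else falling back to `text/plain`. Since `mtype` now points into a local buffer, a short comment such as `/* mtype aliases wkspace; wkspace must stay in scope until the header is built */` would also help.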
@@ -269,12 +270,12 @@
 		goto out404;
 	}
 
+	if (strstr(path, "/private/") && !astman_is_authed(ast_http_manid_from_vars(headers))) {
+		goto out403;
+	}
+
 	fd = open(path, O_RDONLY);
 	if (fd < 0) {
-		goto out403;
-	}
-
-	if (strstr(path, "/private/") && !astman_is_authed(ast_http_manid_from_vars(headers))) {
 		goto out403;
 	}
 
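Review bot: The relocated authorization test decides access with `strstr(path, "/private/")`, a substring match on the constructed path rather than on a resolved one. It matches the string anywhere in `path`, including whatever prefix the path was built from, and it cannot tell when protected content is reachable under a different name. How `path` is assembled is outside the hunk, so this is a point to confirm rather than a demonstrated gap. Consider making the decision on the canonicalised path, or at least recording the assumption next to the test, e.g. `/* assumes path is the static content root plus the request URI, so "/private/" marks protected content */`.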
@@ -297,6 +298,7 @@
 	}
 
 	if ( (http_header = ast_str_create(255)) == NULL) {
+		close(fd);
 		return -1;
 	}
 
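Review bot: `close(fd)` is added to this one early return only, so descriptor cleanup stays spread across individual exit paths. The block that closes at the top of the hunk and the remainder of the function are outside the hunk, so the other exits after `open()` cannot be checked from here. Routing every failure after `open()` through one cleanup label, e.g. `goto out_close;` with `out_close: close(fd); return -1;`, would keep a future early return from reintroducing the leak.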



