<p>Kevin Harwell <strong>merged</strong> this change.</p><p><a href="https://gerrit.asterisk.org/9171">View Change</a></p><div style="white-space:pre-wrap">Approvals:
Jenkins2: Verified
Kevin Harwell: Looks good to me, approved; Approved for Submit
</div><pre style="font-family: monospace,monospace; white-space: pre-wrap;">AST-2018-007: iostreams potential DoS when client connection closed prematurely<br><br>Before Asterisk sends an HTTP response (at least in the case of errors),<br>it attempts to read & discard the content of the request. If the client<br>lies about the Content-Length, or the connection is closed from the<br>client side before "Content-Length" bytes are sent, the request handling<br>thread will busy loop.<br><br>ASTERISK-27807<br><br>Change-Id: Ib26095d3d0d515b2177bf231989d3ead7ed423b4<br>---<br>M main/iostream.c<br>1 file changed, 9 insertions(+), 2 deletions(-)<br><br></pre><pre style="font-family: monospace,monospace; white-space: pre-wrap;">diff --git a/main/iostream.c b/main/iostream.c<br>index aaa74fa..9363c31 100644<br>--- a/main/iostream.c<br>+++ b/main/iostream.c<br>@@ -197,11 +197,18 @@<br> }<br> }<br> break;<br>+ case SSL_ERROR_SYSCALL:<br>+ /* Some non-recoverable I/O error occurred. The OpenSSL error queue may<br>+ * contain more information on the error. For socket I/O on Unix systems,<br>+ * consult errno for details. */<br>+ ast_debug(1, "TLS non-recoverable I/O error occurred: %s, %s\n", ERR_error_string(sslerr, err),<br>+ ssl_error_to_string(sslerr, res));<br>+ return -1;<br> default:<br> /* Report EOF for an undecoded SSL or transport error. */<br> ast_debug(1, "TLS transport or SSL error reading data: %s, %s\n", ERR_error_string(sslerr, err),<br> ssl_error_to_string(sslerr, res));<br>- return 0;<br>+ return -1;<br> }<br> if (!ms) {<br> /* Report EOF for a timeout */<br>@@ -317,7 +324,7 @@<br> <br> while (remaining) {<br> ret = ast_iostream_read(stream, buf, remaining > sizeof(buf) ? sizeof(buf) : remaining);<br>- if (ret < 0) {<br>+ if (ret <= 0) {<br> return ret;<br> }<br> remaining -= ret;<br></pre><p>To view, visit <a href="https://gerrit.asterisk.org/9171">change 9171</a>. 
</p>
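Review bot: in the first hunk of main/iostream.c, the comment kept above the default branch still reads "Report EOF for an undecoded SSL or transport error." although that branch now returns -1 instead of 0, so the comment should say an error is reported. The added SSL_ERROR_SYSCALL case tells the reader to consult errno, yet its ast_debug call logs only ERR_error_string and ssl_error_to_string; including strerror(errno) in that message would make the log match the comment. Both branches now return -1, so a short remark on whether the separate case exists only for its distinct log text would help the next reader.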
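Review bot: in the second hunk, the changed test "if (ret <= 0)" followed by "return ret;" makes the discard loop return 0 when the read reports EOF while "remaining" is still non-zero. That ends the busy loop, but if the function also returns 0 after discarding the whole body (its normal return is not visible in this hunk), callers cannot tell a truncated request from a fully discarded one. Consider returning -1 when ret is 0 inside the loop, or document that a 0 return can mean fewer than the requested bytes were discarded.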
<div style="display:none"> Gerrit-Project: asterisk </div>
<div style="display:none"> Gerrit-Branch: 15.4 </div>
<div style="display:none"> Gerrit-MessageType: merged </div>
<div style="display:none"> Gerrit-Change-Id: Ib26095d3d0d515b2177bf231989d3ead7ed423b4 </div>
<div style="display:none"> Gerrit-Change-Number: 9171 </div>
<div style="display:none"> Gerrit-PatchSet: 1 </div>
<div style="display:none"> Gerrit-Owner: Kevin Harwell &lt;kharwell@digium.com&gt; </div>
<div style="display:none"> Gerrit-Reviewer: Jenkins2 </div>
<div style="display:none"> Gerrit-Reviewer: Kevin Harwell &lt;kharwell@digium.com&gt; </div>
<div style="display:none"> Gerrit-Reviewer: Sean Bright &lt;sean.bright@gmail.com&gt; </div>