[asterisk-dev] UDPTL crash anyone?

Atis Lezdins atis at iq-labs.net
Tue Jan 13 03:41:05 CST 2009


On Sat, Dec 13, 2008 at 5:33 AM, Steve Underwood <steveu at coppice.org> wrote:
> Atis Lezdins wrote:
>> Hello,
>>
>> There's a crash in udptl.c and from my limited knowledge it could be
>> a security vulnerability, that's why it's been set as private in
>> bugtracker.
>>
>> Can anybody with knowledge of udptl.c take a look at it and
>> confirm/reject exploit options? It's been hanging around for 2 months
>> already.
>>
>> Regards,
>> Atis
>>
>>
> I wonder how similar that code is to when I donated it to Asterisk? I
> seem to remember we cleaned up one or two crash issues when we put the
> same basic code into Callweaver, but it's a long time ago, and I can't
> remember the details. You could try comparing the udptl.c file in
> Callweaver 1.2.0.1 with the current Asterisk code. Apart from the
> obvious changes of "ast_" to "cw_" you might find it's still similar
> enough to easily spot some relevant differences.
>

Hi Steve,

There's a patch in bugtracker uploaded by Tilghman (issue 13600). I
tested it last night, it seems to not break anything but it would be
good if you check it for logic. I added some error output on
conditions where it would crash, tested with approximately 350 faxes
but didn't succeed in reproducing. Previously this has been very
rare on our production (~1 crash per 2-3 months). I'll keep testing
and post results in bugtracker this week.


