[test-results] [Bamboo] Asterisk Testing > Asterisk 10 Branch > #55 has FAILED (1 tests failed). Change made by Matthew Jordan.

Bamboo bamboo at asterisk.org
Thu Mar 15 19:18:08 CDT 2012


-----------------------------------------------------------------------
Asterisk Testing > Asterisk 10 Branch > #55 failed.
-----------------------------------------------------------------------
Code has been updated by Matthew Jordan.
1/204 tests failed.

http://bamboo.asterisk.org/browse/TESTING-ASTERISK10BRANCH-55/


--------------
Failing Jobs
--------------
  - Asterisk CentOS 6 64-Bit (CentOS 6): 1 of 204 tests failed.


--------------
Code Changes
--------------
Matthew Jordan (359694):

>Fix remotely exploitable stack overrun in Milliwatt
>
>Milliwatt is vulnerable to a remotely exploitable stack overrun when using
>the 'o' option.  This occurs due to the milliwatt_generate function not
>accounting for AST_FRIENDLY_OFFSET when calculating the maximum number of
>samples it can put in the output buffer.  For channels using a format with 
>a sample rate less than 32kHz, the buffer overrun should not be possible as
>the buffer allocated is sufficient to hold the data, even with no bounds
>checking.  For formats with a sample rate greater than 32kHz however, the
>fixed length buffer will be overrun.
>
>This patch resolves this issue by taking into account AST_FRIENDLY_OFFSET
>when determining the maximum number of samples allowed.  Note that at no
>point is remote code execution possible.  The data that is written into the
>buffer is the pre-defined Milliwatt data, and not custom data.
>
>(closes issue ASTERISK-19541)
>Reported by: Russell Bryant
>Tested by: Matt Jordan
>Patches:
>  milliwatt_stack_overrun.rev1.txt by Russell Bryant (license 6283)
>  Note that this patch was written by Russell, even though Matt uploaded it
>........
>
>Merged revisions 359645 from http://svn.asterisk.org/svn/asterisk/branches/1.6.2
>........
>
>Merged revisions 359656 from http://svn.asterisk.org/svn/asterisk/branches/1.8
>


--------------
Tests
--------------
New Test Failures (1)
   - AsteriskTestSuite: S/apps/confbridge/confbridge nominal

--
This message is automatically generated by Atlassian Bamboo