[Asterisk-code-review] pjproject bundled: Crash on pj ssl get info() while ioqueue ... (asterisk[master])
Joshua Colp
asteriskteam at digium.com
Fri Apr 7 17:33:13 CDT 2017
Joshua Colp has submitted this change and it was merged. ( https://gerrit.asterisk.org/5418 )
Change subject: pjproject_bundled: Crash on pj_ssl_get_info() while ioqueue_on_read_complete().
......................................................................
pjproject_bundled: Crash on pj_ssl_get_info() while ioqueue_on_read_complete().
When the Asterisk channel driver res_pjsip offers SIP-over-TLS, sometimes, not
reproducible, Asterisk crashed in pj_ssl_sock_get_info() because a NULL pointer
was read. This change avoids this crash.
ASTERISK-26927 #close
Change-Id: I24a6011b44d1426d159742ff4421cf806a52938b
---
A third-party/pjproject/patches/0048-r5576-svn-backport-tls-crash.patch
1 file changed, 32 insertions(+), 0 deletions(-)
Approvals:
George Joseph: Looks good to me, but someone else must approve
Anonymous Coward #1000019: Verified
Joshua Colp: Looks good to me, approved
diff --git a/third-party/pjproject/patches/0048-r5576-svn-backport-tls-crash.patch b/third-party/pjproject/patches/0048-r5576-svn-backport-tls-crash.patch
new file mode 100644
index 0000000..b5edc71
--- /dev/null
+++ b/third-party/pjproject/patches/0048-r5576-svn-backport-tls-crash.patch
@@ -0,0 +1,32 @@
+Index: /pjproject/trunk/pjlib/src/pj/ssl_sock_ossl.c
+===================================================================
+--- a/pjlib/src/pj/ssl_sock_ossl.c (revision 5564)
++++ b/pjlib/src/pj/ssl_sock_ossl.c (revision 5565)
+@@ -145,5 +145,6 @@
+ SSL_STATE_NULL,
+ SSL_STATE_HANDSHAKING,
+- SSL_STATE_ESTABLISHED
++ SSL_STATE_ESTABLISHED,
++ SSL_STATE_ERROR
+ };
+
+@@ -1907,4 +1908,8 @@
+ buf->len += size_;
+
++ if (status != PJ_SUCCESS) {
++ ssock->ssl_state = SSL_STATE_ERROR;
++ }
++
+ ret = (*ssock->param.cb.on_data_read)(ssock, buf->data,
+ buf->len, status,
+@@ -2658,5 +2663,9 @@
+ /* Current cipher */
+ cipher = SSL_get_current_cipher(ssock->ossl_ssl);
+- info->cipher = (SSL_CIPHER_get_id(cipher) & 0x00FFFFFF);
++ if (cipher) {
++ info->cipher = (SSL_CIPHER_get_id(cipher) & 0x00FFFFFF);
++ } else {
++ info->cipher = PJ_TLS_UNKNOWN_CIPHER;
++ }
+
+ /* Remote address */
--
To view, visit https://gerrit.asterisk.org/5418
To unsubscribe, visit https://gerrit.asterisk.org/settings
Gerrit-MessageType: merged
Gerrit-Change-Id: I24a6011b44d1426d159742ff4421cf806a52938b
Gerrit-PatchSet: 1
Gerrit-Project: asterisk
Gerrit-Branch: master
Gerrit-Owner: Alexander Traud <pabstraud at compuserve.com>
Gerrit-Reviewer: Anonymous Coward #1000019
Gerrit-Reviewer: George Joseph <gjoseph at digium.com>
Gerrit-Reviewer: Joshua Colp <jcolp at digium.com>
More information about the asterisk-code-review
mailing list