[OpenSIPS-Devel] [opensips] Critical security fixes: memory corruption, invalid read, null dereferences, overflows (#719)

ph4r05 notifications at github.com
Sat Dec 5 16:10:03 CET 2015


I've added PJSIP to the Coverity static code analysis scanner and fixed most critical security bugs in the 1.11 branch. 471 defects were found in total by Coverity, 436 still to fix.

I think branch 1.11 is still used in the wild. Please review my security fixes. They are mainly fixes for memory corruption (overflows, invalid read), null dereferences and resource leakage.

You might consider adding PJSIP to Coverity also; the only thing you need is to register the project at Coverity and modify `.travis.yml`.

I will continue with fixing the bugs from the most critical to the less critical. After fixing branch 1.11 I am going to do the same with the master branch.

[Coverity]: https://scan.coverity.com/projects/ph4r05-opensips?tab=overview
You can view, comment on, or merge this pull request online at:

  https://github.com/OpenSIPS/opensips/pull/719

-- Commit Summary --

  * fixing coverity found defects - invalid memory access / memory corruptions
  * fixing coverity found defects - resource leakage
  * fixing coverity found defects - processing initialized variables, control flow, invalid expressions
  * fixing coverity found defects - logical fix in ul callback check type, null dereference
  * fixing coverity found defects - null dereference, break missing
  * fixing coverity found defects - null dereference, invalid e164 number check

-- File Changes --

    M daemonize.c (3)
    M db/db.c (13)
    M evi/event_interface.c (2)
    M flags.c (2)
    M ip_addr.h (2)
    M main.c (1)
    M modules/acc/acc.c (1)
    M modules/alias_db/alookup.c (2)
    M modules/auth/challenge.c (2)
    M modules/call_center/call_center.c (2)
    M modules/db_text/dbt_file.c (2)
    M modules/dialog/dlg_tophiding.c (2)
    M modules/dispatcher/dispatcher.c (2)
    M modules/drouting/drouting.c (2)
    M modules/mi_datagram/datagram_fnc.c (2)
    M modules/mi_fifo/fifo_fnc.c (11)
    M modules/mi_xmlrpc/xr_parser.c (1)
    M modules/presence/presentity.c (2)
    M modules/pua/send_subscribe.c (4)
    M modules/rtpproxy/rtpproxy.c (2)
    M modules/tm/t_reply.c (4)
    M modules/uac/uac.c (2)
    M modules/uri/checks.c (2)
    M modules/usrloc/dlist.c (2)
    M modules/usrloc/ucontact.c (2)
    M modules/usrloc/ul_callback.h (2)
    M proxy.c (2)
    M rw_locking.h (2)

-- Patch Links --

https://github.com/OpenSIPS/opensips/pull/719.patch
https://github.com/OpenSIPS/opensips/pull/719.diff
