[OpenSIPS-Devel] [OpenSIPS/opensips] 50b613: Fix crash in parse_sdp when a= is empty
Răzvan Crainea
noreply at github.com
Fri Oct 8 12:02:36 EST 2021
Branch: refs/heads/3.2
Home: https://github.com/OpenSIPS/opensips
Commit: 50b61365e4ba4f94d3a0950e01793d7bdae6d8d4
https://github.com/OpenSIPS/opensips/commit/50b61365e4ba4f94d3a0950e01793d7bdae6d8d4
Author: Razvan Crainea <razvan at opensips.org>
Date: 2021-10-08 (Fri, 08 Oct 2021)
Changed paths:
M parser/sdp/sdp_helpr_funcs.c
Log Message:
-----------
Fix crash in parse_sdp when a= is empty
When a bogus SDP was provided, with an empty `a=` line, there was no
check for the length to be compared, resulting in a bad memory access,
hence a crash.
Issue discovered during OpenSIPS Security Audit 2021,
by Alfred Farrugia & Sandro Gauci (Enable Security)
(cherry picked from commit 2617c97207b1fe2afead9f887f7a5df4da3b7d55)
More information about the Devel
mailing list