[OpenSIPS-Devel] [OpenSIPS/opensips] c990e6: Fix crash in parse_sdp when a= is empty
Răzvan Crainea
noreply at github.com
Fri Oct 8 12:02:44 EST 2021
Branch: refs/heads/3.1
Home: https://github.com/OpenSIPS/opensips
Commit: c990e6ab1f6b301b172d7886ca290beb6db7a7b9
https://github.com/OpenSIPS/opensips/commit/c990e6ab1f6b301b172d7886ca290beb6db7a7b9
Author: Razvan Crainea <razvan at opensips.org>
Date: 2021-10-08 (Fri, 08 Oct 2021)
Changed paths:
M parser/sdp/sdp_helpr_funcs.c
Log Message:
-----------
Fix crash in parse_sdp when a= is empty
When a bogus SDP was provided, with an empty `a=` line, there was no
check for the length to be compared, resulting in a bad memory access,
hence a crash.
Issue discovered during OpenSIPS Security Audit 2021,
by Alfred Farrugia & Sandro Gauci (Enable Security)
(cherry picked from commit 2617c97207b1fe2afead9f887f7a5df4da3b7d55)
More information about the Devel
mailing list