[OpenSIPS-Devel] [OpenSIPS/opensips] 2a6f8c: parse_msg(): Fix heap buffer overflow edge-case (O...
Liviu Chircu
noreply at github.com
Sat Oct 8 16:59:20 UTC 2022
Branch: refs/heads/master
Home: https://github.com/OpenSIPS/opensips
Commit: 2a6f8c67aa15ebf507cc9ff2bd881d771858fed7
https://github.com/OpenSIPS/opensips/commit/2a6f8c67aa15ebf507cc9ff2bd881d771858fed7
Author: Liviu Chircu <liviu at opensips.org>
Date: 2022-10-08 (Sat, 08 Oct 2022)
Changed paths:
M parser/msg_parser.c
M parser/test/test_parser.c
Log Message:
-----------
parse_msg(): Fix heap buffer overflow edge-case (OSS-Fuzz)
This patch fixes a SIP message parsing error log which could lead to an
unsafe printing of a non-NULL terminated string. Fortunately, the
OpenSIPS PKG memory allocator minimizes the severity of this overflow,
thanks to its pre-allocated, large chunk of heap memory.
Severity: Low
Fixes OSS-Fuzz#52204
More information about the Devel
mailing list