[OpenSIPS-Devel] [OpenSIPS/opensips] 35e652: fraud_detection: Fix possible SHM allocation bug w...
Liviu Chircu
noreply at github.com
Thu Jul 4 14:29:42 UTC 2024
Branch: refs/heads/3.5
Home: https://github.com/OpenSIPS/opensips
Commit: 35e65236e885908c60e5092fc8d5776c4218929c
https://github.com/OpenSIPS/opensips/commit/35e65236e885908c60e5092fc8d5776c4218929c
Author: Liviu Chircu <liviu at opensips.org>
Date: 2024-07-04 (Thu, 04 Jul 2024)
Changed paths:
M modules/drouting/dr_api_internal.c
Log Message:
-----------
fraud_detection: Fix possible SHM allocation bug w/ prefixless rules
During the check_fraud() call, in case dr_binds.match_number() finds a
prefixless route, the output @matched_len is un-initialized, potentially
leading to a bogus map.get_map() call and arbitrary-sized shm_malloc().
Many thanks to @okhowang for spotting the bug!
Closes #3413
(cherry picked from commit e8344e88fed2ac2ef9f3737e619f38361d949fc3)
To unsubscribe from these emails, change your notification settings at https://github.com/OpenSIPS/opensips/settings/notifications
More information about the Devel
mailing list