28 Aug
2013
28 Aug
'13
8:44 p.m.
Hello,
I have discovered that calling rtpproxy_manage for a failure response
will cause a segfault if certain flags are passed.
E.g. A "488 Not Acceptable Here" response that calls
"rtpproxy_manage("fco+SP") during a failure_route will crash.
This is because the OP_DELETE operation does not initialise the flags
variable. See rtpproxy.c:1119 (rtpp_function_call(...))
I've attached a patch that will only add items to initialised lists. I
assume that no flags are required for a DELETE operation, but please
confirm this and review!
Regards,
Hugh
--
Hugh Waite
Principal Design Engineer
Crocodile RCS Ltd.
28 Aug
28 Aug
9:24 p.m.
On 08/28/13 13:44, Hugh Waite wrote:
Hello,
I have discovered that calling rtpproxy_manage for a failure response
will cause a segfault if certain flags are passed.
E.g. A "488 Not Acceptable Here" response that calls
"rtpproxy_manage("fco+SP") during a failure_route will crash.
This is because the OP_DELETE operation does not initialise the flags
variable. See rtpproxy.c:1119 (rtpp_function_call(...))
I've attached a patch that will only add items to initialised lists. I
assume that no flags are required for a DELETE operation, but please
confirm this and review!
Hi,
Thanks for the report and the patch. I'll fix it in a different way
because the bencode_list_add*() functions are supposed to be safe to be
called with NULL arguments. I thought they were, but it looks like
they're not :)
cheers
4104
days inactive
4104
days old
1 comments
2 participants
participants (2)
-
Hugh Waite -
Richard Fuchs