Difuse/telephony
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

asterisk-16.x: add patch for AST-2021-001

Browse source 
180-AST-2019-007-16.diff refreshed.

Upstream patch for AST-2021-001 added. This patch is mainly for
res_pjsip_diversion, but the part that is patched there was added later
("res_pjsip_diversion: implement support for History-Info"), so asterisk
16.3.0 is not affected. Hence the res_pjsip_diversion part was removed
from the patch. The patch resolves similar overflow situations in
res_pjsip_path and res_pjsip_outbound_registration, so these were kept.

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
This commit is contained in:
Sebastian Kemper 2021-03-07 11:07:20 +01:00
parent f42ce26555
commit 8f15bfbb0f
3 changed files with 89 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
net/asterisk-16.x/Makefile
View file

@ -10,7 +10,7 @@ include $(TOPDIR)/rules.mk
AST_MAJOR_VERSION:=16 AST_MAJOR_VERSION:=16
PKG_NAME:=asterisk$(AST_MAJOR_VERSION) PKG_NAME:=asterisk$(AST_MAJOR_VERSION)
PKG_VERSION:=$(AST_MAJOR_VERSION).3.0 PKG_VERSION:=$(AST_MAJOR_VERSION).3.0
PKG_RELEASE:=8 PKG_RELEASE:=9
PKG_SOURCE:=asterisk-$(PKG_VERSION).tar.gz PKG_SOURCE:=asterisk-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://downloads.asterisk.org/pub/telephony/asterisk/releases PKG_SOURCE_URL:=https://downloads.asterisk.org/pub/telephony/asterisk/releases

7
net/asterisk-16.x/patches/180-AST-2019-007-16.diff
View file

@ -21,9 +21,6 @@ Reported by: Eliel Sardañons
Change-Id: Ic4c9dedc34c426f03c8c14fce334a71386d8a5fa Change-Id: Ic4c9dedc34c426f03c8c14fce334a71386d8a5fa
--- ---
diff --git a/doc/UPGRADE-staging/AMI-Originate.txt b/doc/UPGRADE-staging/AMI-Originate.txt
new file mode 100644
index 0000000..f2d3133
--- /dev/null --- /dev/null
+++ b/doc/UPGRADE-staging/AMI-Originate.txt +++ b/doc/UPGRADE-staging/AMI-Originate.txt
@@ -0,0 +1,5 @@ @@ -0,0 +1,5 @@
@ -32,11 +29,9 @@ index 0000000..f2d3133
+The AMI Originate action, which optionally takes a dialplan application as +The AMI Originate action, which optionally takes a dialplan application as
+an argument, no longer accepts "Originate" as the application due to +an argument, no longer accepts "Originate" as the application due to
+security concerns. +security concerns.
diff --git a/main/manager.c b/main/manager.c
index f138801..1963151 100644
--- a/main/manager.c --- a/main/manager.c
+++ b/main/manager.c +++ b/main/manager.c
@@ -5744,6 +5744,7 @@ @@ -5697,6 +5697,7 @@ static int action_originate(struct manse
EAGI(/bin/rm,-rf /) */ EAGI(/bin/rm,-rf /) */
strcasestr(app, "mixmonitor") || /* MixMonitor(blah,,rm -rf) */ strcasestr(app, "mixmonitor") || /* MixMonitor(blah,,rm -rf) */
strcasestr(app, "externalivr") || /* ExternalIVR(rm -rf) */ strcasestr(app, "externalivr") || /* ExternalIVR(rm -rf) */

87
net/asterisk-16.x/patches/210-AST-2021-001-16.diff Normal file
View file

@ -0,0 +1,87 @@
From 757b7f8d7cfee4f541e8d7586e2408556a74201d Mon Sep 17 00:00:00 2001
From: Ivan Poddubnyi <ivan.poddubny@gmail.com>
Date: Mon, 28 Dec 2020 13:43:23 +0100
Subject: [PATCH] res_pjsip_diversion: Fix adding more than one histinfo to
Supported
New responses sent within a PJSIP sessions are based on those that were
sent before. Therefore, adding/modifying a header once causes it to be
sent on all responses that follow.
Sending 181 Call Is Being Forwarded many times first adds "histinfo"
duplicated more and more, and eventually overflows past the array
boundary.
This commit adds a check preventing adding "histinfo" more than once,
and skipping it if there is no more space in the header.
Similar overflow situations can also occur in res_pjsip_path and
res_pjsip_outbound_registration so those were also modified to
check the bounds and suppress duplicate Supported values.
ASTERISK-29227
Reported by: Ivan Poddubny
Change-Id: Id43704a1f1a0293e35cc7f844026f0b04f2ac322
---
res/res_pjsip_diversion.c | 14 ++++++++++++++
res/res_pjsip_outbound_registration.c | 12 ++++++++++++
res/res_pjsip_path.c | 12 ++++++++++++
3 files changed, 38 insertions(+)
--- a/res/res_pjsip_outbound_registration.c
+++ b/res/res_pjsip_outbound_registration.c
@@ -580,6 +580,7 @@ static int handle_client_registration(vo
if (client_state->support_path) {
pjsip_supported_hdr *hdr;
+ int i;
hdr = pjsip_msg_find_hdr(tdata->msg, PJSIP_H_SUPPORTED, NULL);
if (!hdr) {
@@ -593,6 +594,17 @@ static int handle_client_registration(vo
pjsip_msg_add_hdr(tdata->msg, (pjsip_hdr *)hdr);
}
+ /* Don't add the value if it's already there */
+ for (i = 0; i < hdr->count; ++i) {
+ if (pj_stricmp(&hdr->values[i], &PATH_NAME) == 0) {
+ return 1;
+ }
+ }
+
+ if (hdr->count >= PJSIP_GENERIC_ARRAY_MAX_COUNT) {
+ return 0;
+ }
+
/* add on to the existing Supported header */
pj_strassign(&hdr->values[hdr->count++], &PATH_NAME);
}
--- a/res/res_pjsip_path.c
+++ b/res/res_pjsip_path.c
@@ -122,6 +122,7 @@ static int path_get_string(pj_pool_t *po
static int add_supported(pjsip_tx_data *tdata)
{
pjsip_supported_hdr *hdr;
+ int i;
hdr = pjsip_msg_find_hdr(tdata->msg, PJSIP_H_SUPPORTED, NULL);
if (!hdr) {
@@ -134,6 +135,17 @@ static int add_supported(pjsip_tx_data *
pjsip_msg_add_hdr(tdata->msg, (pjsip_hdr *)hdr);
}
+ /* Don't add the value if it's already there */
+ for (i = 0; i < hdr->count; ++i) {
+ if (pj_stricmp(&hdr->values[i], &PATH_SUPPORTED_NAME) == 0) {
+ return 0;
+ }
+ }
+
+ if (hdr->count >= PJSIP_GENERIC_ARRAY_MAX_COUNT) {
+ return -1;
+ }
+
/* add on to the existing Supported header */
pj_strassign(&hdr->values[hdr->count++], &PATH_SUPPORTED_NAME);