Files · a877e0d94b263bcb3d2b378dc952b759d58a2b43 · Voice / asterisk

AST-2016-002 chan_sip.c: Fix retransmission timeout integer overflow.

Richard Mudgett authored 9 years ago

Setting the sip.conf timert1 value to a value higher than 1245 can cause
an integer overflow and result in large retransmit timeout times.  These
large timeout times hold system file descriptors hostage and can cause the
system to run out of file descriptors.

NOTE: The default sip.conf timert1 value is 500 which does not expose the
vulnerability.

* The overflow is now detected and the previous timeout time is
calculated.

ASTERISK-25397 #close
Reported by: Alexander Traud

Change-Id: Ia7231f2f415af1cbf90b923e001b9219cff46290

a877e0d9

History

a877e0d9 9 years ago

History

Name	Last commit	Last update
addons
agi
apps
autoconf
bridges
build_tools
cdr
cel
channels
codecs
configs
contrib
doc
formats
funcs
images
include
main
menuselect
pbx
phoneprov
res
rest-api-templates
rest-api
sounds
static-http
tests
utils
.cleancount
.gitignore
.gitreview
BSDmakefile
BUGS
CHANGES
COPYING
CREDITS
LICENSE
Makefile
Makefile.moddir_rules
Makefile.rules
README
README-SERIOUSLY.bestpractices.txt
README-addons.txt
UPGRADE-1.2.txt
UPGRADE-1.4.txt
UPGRADE-1.6.txt
UPGRADE-1.8.txt
UPGRADE-10.txt
UPGRADE-11.txt
UPGRADE-12.txt
UPGRADE-13.txt
UPGRADE.txt
Zaptel-to-DAHDI.txt
bootstrap.sh
config.guess
config.sub
configure
configure.ac
default.exports
install-sh
makeopts.in
missing
mkinstalldirs
sample.call

README