[Pkg-voip-commits] [asterisk] 03/05: Patch fix_xmpp_19532 fix a crash of the XMPP code
tzafrir at debian.org
tzafrir at debian.org
Thu Aug 29 14:36:35 UTC 2013
This is an automated email from the git hooks/post-receive script.
tzafrir pushed a commit to branch wheezy
in repository asterisk.
commit 339ae85ec287e3bfaddff3ccb813edc6b0c6619c
Author: Tzafrir Cohen <tzafrir.cohen at xorcom.com>
Date: Wed Aug 28 23:48:07 2013 +0300
Patch fix_xmpp_19532 fix a crash of the XMPP code
---
debian/patches/fix_xmpp_19532 | 52 +++++++++++++++++++++++++++++++++++++++++
debian/patches/series | 1 +
2 files changed, 53 insertions(+)
diff --git a/debian/patches/fix_xmpp_19532 b/debian/patches/fix_xmpp_19532
new file mode 100644
index 0000000..1d6bd14
--- /dev/null
+++ b/debian/patches/fix_xmpp_19532
@@ -0,0 +1,52 @@
+From 519d65096a6a5c6702f194c29da45140ce698c01 Mon Sep 17 00:00:00 2001
+From: Matthew Jordan <mjordan at digium.com>
+Date: Thu, 4 Oct 2012 02:09:43 +0000
+Subject: Check for presence of buddy in info/dinfo handlers
+Bug: https://issues.asterisk.org/jira/browse/ASTERISK-19532
+Origin: http://svnview.digium.com/svn/asterisk?view=rev&rev=374335
+
+The res_jabber resource module uses the ASTOBJ library for managing its ref
+counted objects. After calling ASTOBJ_CONTAINER_FIND to locate a buddy object,
+the pointer to the object has to be checked to see if the buddy existed.
+Prior to this patch, the buddy object was not checked for NULL; with this patch
+in both aji_client_info_handler and aji_dinfo_handler the pointer is checked
+before used and, if no buddy object was found, the handlers return an error
+code.
+
+---
+ res/res_jabber.c | 12 ++++++++++++
+ 1 file changed, 12 insertions(+)
+
+diff --git a/res/res_jabber.c b/res/res_jabber.c
+index 764ec6d..7d4eb66 100644
+--- a/res/res_jabber.c
++++ b/res/res_jabber.c
+@@ -2004,6 +2004,12 @@ static int aji_client_info_handler(void *data, ikspak *pak)
+ struct aji_resource *resource = NULL;
+ struct aji_buddy *buddy = ASTOBJ_CONTAINER_FIND(&client->buddies, pak->from->partial);
+
++ if (!buddy) {
++ ast_log(LOG_NOTICE, "JABBER: Received client info from unknown buddy: %s.\n", pak->from->full);
++ ASTOBJ_UNREF(client, ast_aji_client_destroy);
++ return IKS_FILTER_EAT;
++ }
++
+ resource = aji_find_resource(buddy, pak->from->resource);
+ if (pak->subtype == IKS_TYPE_RESULT) {
+ if (!resource) {
+@@ -2071,6 +2077,12 @@ static int aji_dinfo_handler(void *data, ikspak *pak)
+ struct aji_resource *resource = NULL;
+ struct aji_buddy *buddy = ASTOBJ_CONTAINER_FIND(&client->buddies, pak->from->partial);
+
++ if (!buddy) {
++ ast_log(LOG_NOTICE, "JABBER: Received client info from unknown buddy: %s.\n", pak->from->full);
++ ASTOBJ_UNREF(client, ast_aji_client_destroy);
++ return IKS_FILTER_EAT;
++ }
++
+ if (pak->subtype == IKS_TYPE_ERROR) {
+ ast_log(LOG_WARNING, "Received error from a client, turn on jabber debug!\n");
+ ASTOBJ_UNREF(client, ast_aji_client_destroy);
+--
+1.7.10.4
+
diff --git a/debian/patches/series b/debian/patches/series
index a8c8cbc..7692743 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -33,5 +33,6 @@ AST-2012-015
AST-2013-002
AST-2013-003
bluetooth_bind
+fix_xmpp_19532
AST-2013-004
AST-2013-005
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-voip/asterisk.git
More information about the Pkg-voip-commits
mailing list