[Pkg-voip-commits] [pjproject] 01/01: add patches AST-2017-002 and AST-2017-003

tzafrir at debian.org tzafrir at debian.org
Sun May 21 08:24:42 UTC 2017 

This is an automated email from the git hooks/post-receive script.

tzafrir pushed a commit to branch master
in repository pjproject.

commit 2e7fb00d7f2c50b904b529c76cb844e45d489e9d
Author: Tzafrir Cohen <tzafrir at debian.org>
Date:   Sun May 21 10:42:52 2017 +0300

    add patches AST-2017-002 and AST-2017-003
---
 ...ero-length-multipart-body-parts-correctly.patch | 37 ++++++++++++++++++++++
 ...43-transaction-key-buffer-is-large-enough.patch | 25 +++++++++++++++
 debian/patches/series                              |  2 ++
 3 files changed, 64 insertions(+)

diff --git a/debian/patches/asterisk/0019-Parse-zero-length-multipart-body-parts-correctly.patch b/debian/patches/asterisk/0019-Parse-zero-length-multipart-body-parts-correctly.patch
new file mode 100644
index 0000000..bd2460d
--- /dev/null
+++ b/debian/patches/asterisk/0019-Parse-zero-length-multipart-body-parts-correctly.patch
@@ -0,0 +1,37 @@
+From: Mark Michelson <mmichelson at digium.com>
+Date: Thu, 13 Apr 2017 16:59:40 -0500
+Subject: Parse zero-length multipart body parts correctly.
+
+The calculation of end_body could result in a negative length being
+passed to multipart_body_parse_part().
+---
+ pjsip/src/pjsip/sip_multipart.c | 16 +++++++++-------
+ 1 file changed, 9 insertions(+), 7 deletions(-)
+
+diff --git a/pjsip/src/pjsip/sip_multipart.c b/pjsip/src/pjsip/sip_multipart.c
+index cb6b0fb..936dab2 100644
+--- a/pjsip/src/pjsip/sip_multipart.c
++++ b/pjsip/src/pjsip/sip_multipart.c
+@@ -640,13 +640,15 @@ PJ_DEF(pjsip_msg_body*) pjsip_multipart_parse(pj_pool_t *pool,
+ 
+ 	end_body = curptr;
+ 
+-	/* The newline preceeding the delimiter is conceptually part of
+-	 * the delimiter, so trim it from the body.
+-	 */
+-	if (*(end_body-1) == '\n')
+-	    --end_body;
+-	if (*(end_body-1) == '\r')
+-	    --end_body;
++	if (end_body > start_body) {
++	    /* The newline preceeding the delimiter is conceptually part of
++	     * the delimiter, so trim it from the body.
++	     */
++	    if (*(end_body-1) == '\n')
++		--end_body;
++	    if (*(end_body-1) == '\r')
++		 --end_body;
++	}
+ 
+ 	/* Now that we have determined the part's boundary, parse it
+ 	 * to get the header and body part of the part.
diff --git a/debian/patches/asterisk/0020-Ensure-2543-transaction-key-buffer-is-large-enough.patch b/debian/patches/asterisk/0020-Ensure-2543-transaction-key-buffer-is-large-enough.patch
new file mode 100644
index 0000000..21218a3
--- /dev/null
+++ b/debian/patches/asterisk/0020-Ensure-2543-transaction-key-buffer-is-large-enough.patch
@@ -0,0 +1,25 @@
+From: Mark Michelson <mmichelson at digium.com>
+Date: Thu, 13 Apr 2017 16:20:07 -0500
+Subject: Ensure 2543 transaction key buffer is large enough.
+
+The CSeq method length needs to be factored into the allocated buffer
+length. Otherwise, the buffer may not be large enough to accommodate the
+entire key.
+---
+ pjsip/src/pjsip/sip_transaction.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/pjsip/src/pjsip/sip_transaction.c b/pjsip/src/pjsip/sip_transaction.c
+index 30b7d40..af9d5f2 100644
+--- a/pjsip/src/pjsip/sip_transaction.c
++++ b/pjsip/src/pjsip/sip_transaction.c
+@@ -288,7 +288,8 @@ static pj_status_t create_tsx_key_2543( pj_pool_t *pool,
+     host = &rdata->msg_info.via->sent_by.host;
+ 
+     /* Calculate length required. */
+-    len_required = 9 +			    /* CSeq number */
++    len_required = method->name.slen +	    /* Method */
++		   9 +			    /* CSeq number */
+ 		   rdata->msg_info.from->tag.slen +   /* From tag. */
+ 		   rdata->msg_info.cid->id.slen +    /* Call-ID */
+ 		   host->slen +		    /* Via host. */
diff --git a/debian/patches/series b/debian/patches/series
index 049d2c3..4ddd84c 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -16,3 +16,5 @@ asterisk/0015-r5471-svn-backport-Various-fixes-for-DNS-IPv6.patch
 asterisk/0016-r5473-svn-backport-Fix-pending-query.patch
 asterisk/0017-r5475-svn-backport-Remove-DNS-cache-entry.patch
 asterisk/0018-r5477-svn-backport-Fix-DNS-write-on-freed-memory.patch
+asterisk/0019-Parse-zero-length-multipart-body-parts-correctly.patch
+asterisk/0020-Ensure-2543-transaction-key-buffer-is-large-enough.patch

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-voip/pjproject.git

More information about the Pkg-voip-commits mailing list