kenmirrors/asterisk
1
0
Fork 0
mirror of https://github.com/asterisk/asterisk.git synced 2025-09-04 03:50:31 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
a801543f79a2161815bd98d6846fc1526e9cd612
asterisk/res
History
Sean Bright a801543f79 AST-2018-009: Fix crash processing websocket HTTP Upgrade requests 
The HTTP request processing in res_http_websocket allocates additional
space on the stack for various headers received during an Upgrade request.
An attacker could send a specially crafted request that causes this code
to overflow the stack, resulting in a crash.

* No longer allocate memory from the stack in a loop to parse the header
values.  NOTE: There is a slight API change when using the passed in
strings as is.  We now require the passed in strings to no longer have
leading or trailing whitespace.  This isn't a problem as the only callers
have already done this before passing the strings to the affected
function.

ASTERISK-28013 #close

Change-Id: Ia564825a8a95e085fd17e658cb777fe1afa8091a
2018-09-20 11:19:03 -05:00
..
ael
Remove as much trailing whitespace as possible.
2017-12-22 09:23:22 -05:00
ari
optional_api: Remove unused nonoptreq fields
2018-09-12 12:34:54 -05:00
parking
res_parking: Add dialplan function for lot channel
2018-07-10 11:03:01 -05:00
res_pjsip
pjproject: Upgrade to 2.8.
2018-09-18 11:32:18 -05:00
snmp
Remove as much trailing whitespace as possible.
2017-12-22 09:23:22 -05:00
srtp
res_srtp: Add support for libsrtp2 with AES-GCM.
2017-10-18 03:34:56 -05:00
stasis
VECTOR: Passing parameters with side effects to macros is dangerous.
2018-06-21 16:10:52 -06:00
stasis_recording
core: Remove ABI effects of MALLOC_DEBUG.
2018-03-01 13:13:55 -06:00
ari.make
Makefile
Fix GCC 8 build issues.
2018-05-11 09:48:58 -04:00
res_adsi.c
module: Remove deprecated modules and update support levels.
2018-07-18 18:15:53 +00:00
res_ael_share.c
Remove as much trailing whitespace as possible.
2017-12-22 09:23:22 -05:00
res_ael_share.exports.in
res_agi.c
Remove redundant module checks and references.
2018-01-24 13:37:29 -05:00
res_agi.exports.in
res_ari_applications.c
Remove redundant module checks and references.
2018-01-24 13:37:29 -05:00
res_ari_asterisk.c
Remove redundant module checks and references.
2018-01-24 13:37:29 -05:00
res_ari_bridges.c
Merge "Remove redundant module checks and references."
2018-01-29 12:39:34 -06:00
res_ari_channels.c
Merge "Remove redundant module checks and references."
2018-01-29 12:39:34 -06:00
res_ari_device_states.c
Merge "Remove redundant module checks and references."
2018-01-29 12:39:34 -06:00
res_ari_endpoints.c
Remove redundant module checks and references.
2018-01-24 13:37:29 -05:00
res_ari_events.c
Merge "Remove redundant module checks and references."
2018-01-29 12:39:34 -06:00
res_ari_mailboxes.c
Merge "Remove redundant module checks and references."
2018-01-29 12:39:34 -06:00
res_ari_model.c
modules: change module LOAD_FAILUREs to LOAD_DECLINES
2017-04-12 15:57:21 -06:00
res_ari_model.exports.in
res_ari_playbacks.c
Merge "Remove redundant module checks and references."
2018-01-29 12:39:34 -06:00
res_ari_recordings.c
Merge "Remove redundant module checks and references."
2018-01-29 12:39:34 -06:00
res_ari_sounds.c
Remove redundant module checks and references.
2018-01-24 13:37:29 -05:00
res_ari.c
res_ari: Remove requirement that body exists when debug is on.
2018-05-03 05:37:01 -06:00
res_ari.exports.in
res_calendar_caldav.c
res_calendar: Specialized calendars depend on symbols of general calendar.
2018-02-16 13:52:37 +01:00
res_calendar_ews.c
res_calendar: Specialized calendars depend on symbols of general calendar.
2018-02-16 13:52:37 +01:00
res_calendar_exchange.c
res_calendar: Specialized calendars depend on symbols of general calendar.
2018-02-16 13:52:37 +01:00
res_calendar_icalendar.c
res_calendar: Specialized calendars depend on symbols of general calendar.
2018-02-16 13:52:37 +01:00
res_calendar.c
Remove as much trailing whitespace as possible.
2017-12-22 09:23:22 -05:00
res_calendar.exports.in
res_chan_stats.c
loader: Add dependency fields to module structures.
2018-01-15 13:25:51 -05:00
res_clialiases.c
Remove as much trailing whitespace as possible.
2017-12-22 09:23:22 -05:00
res_clioriginate.c
res_config_curl.c
loader: Convert reload_classes to built-in modules.
2018-03-14 05:20:12 -04:00
res_config_ldap.c
Fix GCC 8 build issues.
2018-05-11 09:48:58 -04:00
res_config_odbc.c
loader: Convert reload_classes to built-in modules.
2018-03-14 05:20:12 -04:00
res_config_pgsql.c
loader: Convert reload_classes to built-in modules.
2018-03-14 05:20:12 -04:00
res_config_sqlite3.c
loader: Convert reload_classes to built-in modules.
2018-03-14 05:20:12 -04:00
res_config_sqlite.c
loader: Convert reload_classes to built-in modules.
2018-03-14 05:20:12 -04:00
res_convert.c
Remove as much trailing whitespace as possible.
2017-12-22 09:23:22 -05:00
res_corosync.c
Remove as much trailing whitespace as possible.
2017-12-22 09:23:22 -05:00
res_crypto.c
res_crypto: Allow OpenSSL configured with no-deprecated.
2018-06-08 11:03:35 +02:00
res_crypto.exports.in
res_curl.c
Remove redundant module checks and references.
2018-01-24 13:37:29 -05:00
res_endpoint_stats.c
loader: Add dependency fields to module structures.
2018-01-15 13:25:51 -05:00
res_fax_spandsp.c
loader: Add dependency fields to module structures.
2018-01-15 13:25:51 -05:00
res_fax.c
res_fax: Handle fax gateway being started more than once.
2018-08-29 05:20:33 -05:00
res_fax.exports.in
res_format_attr_celt.c
res_format_attr_g729.c
res_format_attr_h263.c
Loader: Remove unneeded load_pri declarations.
2017-11-20 13:17:55 -06:00
res_format_attr_h264.c
Loader: Remove unneeded load_pri declarations.
2017-11-20 13:17:55 -06:00
res_format_attr_ilbc.c
res_format_attr_opus.c
Fix Common Typo's.
2017-12-20 12:40:01 -05:00
res_format_attr_silk.c
Remove as much trailing whitespace as possible.
2017-12-22 09:23:22 -05:00
res_format_attr_siren7.c
res_format_attr_siren14.c
res_format_attr_vp8.c
res_hep_pjsip.c
Remove redundant module checks and references.
2018-01-24 13:37:29 -05:00
res_hep_rtcp.c
Remove redundant module checks and references.
2018-01-24 13:37:29 -05:00
res_hep.c
netsock2: Add ast_sockaddr_resolve_first_af to netsock2 public API
2018-05-21 11:03:10 -05:00
res_hep.exports.in
res_http_media_cache.c
Add the ability to read the media file type from HTTP header for playback
2018-04-30 16:30:44 -04:00
res_http_post.c
res_http_post: Enable GMime in Solaris 11.
2018-06-21 10:18:36 -06:00
res_http_websocket.c
AST-2018-009: Fix crash processing websocket HTTP Upgrade requests
2018-09-20 11:19:03 -05:00
res_http_websocket.exports.in
res_limit.c
Remove as much trailing whitespace as possible.
2017-12-22 09:23:22 -05:00
res_manager_devicestate.c
res_manager_presencestate.c
res_monitor.c
Complete deprecating legacy modules.
2018-03-08 13:53:09 -06:00
res_monitor.exports.in
res_musiconhold.c
res_musiconhold.c: Restart MOH if previous hold just reached end-of-file
2018-09-07 07:58:46 -05:00
res_mutestream.c
res_mwi_external_ami.c
Remove redundant module checks and references.
2018-01-24 13:37:29 -05:00
res_mwi_external.c
Remove redundant module checks and references.
2018-01-24 13:37:29 -05:00
res_mwi_external.exports.in
res_odbc_transaction.c
res_odbc_transaction.exports.in
res_odbc.c
res_odbc: Allow unload at shutdown.
2018-08-15 11:33:37 -05:00
res_odbc.exports.in
res_parking.c
aco: Minimize use of regex.
2017-12-15 10:14:31 -05:00
res_phoneprov.c
loader: Convert reload_classes to built-in modules.
2018-03-14 05:20:12 -04:00
res_phoneprov.exports.in
res_pjproject.c
res_pjproject: Fix sockaddr conversion routines for non-bundled PJSIP
2018-09-12 07:26:33 -05:00
res_pjproject.exports.in
res_pjproject: Add utility functions to convert between socket structures
2018-09-06 13:30:12 -05:00
res_pjsip_acl.c
Remove redundant module checks and references.
2018-01-24 13:37:29 -05:00
res_pjsip_authenticator_digest.c
Remove redundant module checks and references.
2018-01-24 13:37:29 -05:00
res_pjsip_caller_id.c
res_pjsip_caller_id: Add "party" parameter to RPID header.
2018-08-14 08:55:38 -05:00
res_pjsip_config_wizard.c
res_pjsip_config_wizard: Fix leaks and add check for malloc failure.
2017-11-06 18:44:01 -05:00
res_pjsip_dialog_info_body_generator.c
Remove redundant module checks and references.
2018-01-24 13:37:29 -05:00
res_pjsip_diversion.c
Remove redundant module checks and references.
2018-01-24 13:37:29 -05:00
res_pjsip_dlg_options.c
Remove redundant module checks and references.
2018-01-24 13:37:29 -05:00
res_pjsip_dtmf_info.c
Remove redundant module checks and references.
2018-01-24 13:37:29 -05:00
res_pjsip_empty_info.c
Remove redundant module checks and references.
2018-01-24 13:37:29 -05:00
res_pjsip_endpoint_identifier_anonymous.c
endpoint identifiers: Some code cleanup.
2018-02-02 18:03:06 -06:00
res_pjsip_endpoint_identifier_ip.c
res_pjsip_endpoint_identifier_ip.c: Added regex support to match_header
2018-07-27 10:58:38 -05:00
res_pjsip_endpoint_identifier_user.c
endpoint identifiers: Some code cleanup.
2018-02-02 18:03:06 -06:00
res_pjsip_exten_state.c
Remove redundant module checks and references.
2018-01-24 13:37:29 -05:00
res_pjsip_exten_state.exports.in
res_pjsip_header_funcs.c
res_pjsip.c: Split ast_sip_push_task_synchronous() to fit expectations.
2018-04-12 17:34:16 -05:00
res_pjsip_history.c
VECTOR: Passing parameters with side effects to macros is dangerous.
2018-06-21 16:10:52 -06:00
res_pjsip_logger.c
res_pjsip: Log IPv6 addresses correctly
2018-09-14 14:59:23 -05:00
res_pjsip_messaging.c
res_pjsip: Change log message from error to warning for valid use cases
2018-07-24 07:20:25 -05:00
res_pjsip_mwi_body_generator.c
Remove redundant module checks and references.
2018-01-24 13:37:29 -05:00
res_pjsip_mwi.c
res_pjsip_mwi.c: Fix null pointer crash
2018-02-01 15:33:23 -06:00
res_pjsip_nat.c
Remove redundant module checks and references.
2018-01-24 13:37:29 -05:00
res_pjsip_notify.c
res_pjsip_notify.c: enable in-dialog NOTIFY
2018-04-11 10:31:44 -06:00
res_pjsip_one_touch_record_info.c
Remove redundant module checks and references.
2018-01-24 13:37:29 -05:00
res_pjsip_outbound_authenticator_digest.c
res_pjsip: Log IPv6 addresses correctly
2018-09-14 14:59:23 -05:00
res_pjsip_outbound_publish.c
res_pjsip.c: Split ast_sip_push_task_synchronous() to fit expectations.
2018-04-12 17:34:16 -05:00
res_pjsip_outbound_publish.exports.in
res_pjsip_outbound_registration.c
Merge "res_pjsip: Fix deadlock on reliable transport shutdown."
2018-04-18 17:32:33 -05:00
res_pjsip_path.c
Remove redundant module checks and references.
2018-01-24 13:37:29 -05:00
res_pjsip_phoneprov_provider.c
Remove redundant module checks and references.
2018-01-24 13:37:29 -05:00
res_pjsip_pidf_body_generator.c
Remove redundant module checks and references.
2018-01-24 13:37:29 -05:00
res_pjsip_pidf_digium_body_supplement.c
Remove redundant module checks and references.
2018-01-24 13:37:29 -05:00
res_pjsip_pidf_eyebeam_body_supplement.c
Remove redundant module checks and references.
2018-01-24 13:37:29 -05:00
res_pjsip_publish_asterisk.c
Remove redundant module checks and references.
2018-01-24 13:37:29 -05:00
res_pjsip_pubsub.c
res_pjsip_pubsub: Use ast_true for "prune_on_boot".
2018-07-28 08:01:27 -05:00
res_pjsip_pubsub.exports.in
res_pjsip_refer.c
res_pjsip.c: Split ast_sip_push_task_synchronous() to fit expectations.
2018-04-12 17:34:16 -05:00
res_pjsip_registrar.c
res_pjsip_registrar: Improve performance on inbound handling.
2018-08-03 04:09:15 -05:00
res_pjsip_rfc3326.c
res_pjsip: Add 'suppress_q850_reason_headers' option to endpoint
2018-07-06 07:03:45 -06:00
res_pjsip_sdp_rtp.c
pjproject: Upgrade to 2.8.
2018-09-18 11:32:18 -05:00
res_pjsip_send_to_voicemail.c
Remove redundant module checks and references.
2018-01-24 13:37:29 -05:00
res_pjsip_session.c
res_pjsip_session: Don't add declined stream if one does not exist.
2018-09-18 06:11:23 -05:00
res_pjsip_session.exports.in
res_pjsip: Add REF_DEBUG info to module references.
2017-10-04 12:00:47 -04:00
res_pjsip_sips_contact.c
Remove redundant module checks and references.
2018-01-24 13:37:29 -05:00
res_pjsip_t38.c
res_pjsip_t38.c: Fix crash if already saw a final T.38 reINVITE response.
2018-08-17 18:56:24 -05:00
res_pjsip_transport_websocket.c
res_pjsip: Log IPv6 addresses correctly
2018-09-14 14:59:23 -05:00
res_pjsip_xpidf_body_generator.c
Remove redundant module checks and references.
2018-01-24 13:37:29 -05:00
res_pjsip.c
res_pjsip: Log IPv6 addresses correctly
2018-09-14 14:59:23 -05:00
res_pjsip.exports.in
res_pjsip: Add REF_DEBUG info to module references.
2017-10-04 12:00:47 -04:00
res_pktccops.c
Remove redundant module checks and references.
2018-01-24 13:37:29 -05:00
res_pktccops.exports.in
res_realtime.c
Remove as much trailing whitespace as possible.
2017-12-22 09:23:22 -05:00
res_resolver_unbound.c
res_resolver_unbound: Fix leak of config nameserver strings.
2018-08-15 15:32:25 -05:00
res_rtp_asterisk.c
res/res_rtp_asterisk: remove debug traces generated by an empty frame
2018-08-27 12:03:03 -05:00
res_rtp_multicast.c
Remove as much trailing whitespace as possible.
2017-12-22 09:23:22 -05:00
res_rtp_multicast.exports.in
res_security_log.c
res_smdi.c
Remove redundant module checks and references.
2018-01-24 13:37:29 -05:00
res_smdi.exports.in
res_snmp.c
Remove as much trailing whitespace as possible.
2017-12-22 09:23:22 -05:00
res_sorcery_astdb.c
astdb: Improve prefix searches in astdb
2017-12-10 12:51:16 -06:00
res_sorcery_config.c
res_sorcery_config: Allow configuration section to be used based on name.
2018-07-18 13:20:49 -05:00
res_sorcery_memory_cache.c
sorcery: Add ast_sorcery_retrieve_by_prefix()
2017-11-13 15:15:33 -05:00
res_sorcery_memory.c
sorcery: Add ast_sorcery_retrieve_by_prefix()
2017-11-13 15:15:33 -05:00
res_sorcery_realtime.c
res_sorcery_realtime.c: Fix unqualified fetch warning.
2018-08-17 16:33:24 -05:00
res_speech.c
res_stasis and res_speech: Fix load order.
2017-12-07 19:39:04 -06:00
res_speech.exports.in
res_srtp.c
autoconf: Check for srtp_get_version_string() before using it
2018-09-17 10:48:03 -05:00
res_srtp.exports.in
res_stasis_answer.c
loader: Add dependency fields to module structures.
2018-01-15 13:25:51 -05:00
res_stasis_answer.exports.in
res_stasis_device_state.c
loader: Add dependency fields to module structures.
2018-01-15 13:25:51 -05:00
res_stasis_device_state.exports.in
res_stasis_mailbox.c
Remove redundant module checks and references.
2018-01-24 13:37:29 -05:00
res_stasis_mailbox.exports.in
res_stasis_playback.c
loader: Add dependency fields to module structures.
2018-01-15 13:25:51 -05:00
res_stasis_playback.exports.in
res_stasis_recording.c
loader: Add dependency fields to module structures.
2018-01-15 13:25:51 -05:00
res_stasis_recording.exports.in
res_stasis_snoop.c
loader: Add dependency fields to module structures.
2018-01-15 13:25:51 -05:00
res_stasis_snoop.exports.in
res_stasis_test.c
optional_api: Remove unused nonoptreq fields
2018-09-12 12:34:54 -05:00
res_stasis_test.exports.in
res_stasis.c
Remove redundant module checks and references.
2018-01-24 13:37:29 -05:00
res_stasis.exports.in
res_statsd.c
Merge "Remove redundant module checks and references."
2018-01-29 12:39:34 -06:00
res_statsd.exports.in
res_stun_monitor.c
res_stun_monitor: Don't fail to load if DNS resolution fails
2017-04-14 16:55:03 -05:00
res_timing_dahdi.c
Remove as much trailing whitespace as possible.
2017-12-22 09:23:22 -05:00
res_timing_kqueue.c
res_timing_pthread.c
Remove as much trailing whitespace as possible.
2017-12-22 09:23:22 -05:00
res_timing_timerfd.c
res_xmpp.c
aco: Minimize use of regex.
2017-12-15 10:14:31 -05:00
res_xmpp.exports.in
res.xml
Create --disable-binary-modules option.
2018-08-27 13:22:31 -04:00