Branch: refs/heads/3.1
Home: https://github.com/OpenSIPS/opensips

Commit: 8e4f97f112694802578dd20b6d0c6c7267c8f49c
    https://github.com/OpenSIPS/opensips/commit/8e4f97f112694802578dd20b6d0c6c7267c8f49c
Author: Liviu Chircu <li...@opensips.org>
Date: 2022-11-08 (Tue, 08 Nov 2022)

Changed paths:
  M parser/parse_via.c
  M parser/test/test_parser.c

Log Message:
-----------
parse_via(): Fix out-of-bounds read edge-case (OSS-Fuzz)

This patch fixes a possible off-by-one read overflow while parsing the
Via buffer. Even so, the error was mostly harmless, as the supplied
buffer is typically much larger and is guaranteed to be NULL-terminated
(see udp_read_req(), for example).

Severity: Low
Fixes OSS-Fuzz#52326

(cherry picked from commit 5e9f72d3d90e8fc9cb20578a95c891631b4d91da)


Commit: 569e336c846243ca33b7b6ccc2798c7d575b4ea7
    https://github.com/OpenSIPS/opensips/commit/569e336c846243ca33b7b6ccc2798c7d575b4ea7
Author: Liviu Chircu <li...@opensips.org>
Date: 2022-11-08 (Tue, 08 Nov 2022)

Changed paths:
  M modules/db_flatstore/flat_mi.c
  M modules/db_flatstore/flat_mi.h
  M modules/db_flatstore/flatstore.c
  M modules/db_flatstore/flatstore_mod.c

Log Message:
-----------
db_flatstore: Fix missing CDRs due to 'flat_rotate' race conditions

This commit simply adds R/W locking around the 'flat_rotate' MI command,
and all the SIP worker processes.
The race condition was as follows:

  * SIP worker checks the 'flat_rotate' stamp and proceeds to write CDR
  * 'flat_rotate' is run (timestamp++)
  * external process scans & fully reads the rotated file (with
    deletion to follow later as well, but this is irrelevant)
  * SIP worker finally writes the CDR using flushed/vector'ed I/O
    (too late at this point, CDR is forever lost)

(cherry picked from commit d3b1463ee115a8b7d4d6b9658c8b07b9ef3d0549)


Commit: 06da52b001bd13172fc309d5892149033a3843c3
    https://github.com/OpenSIPS/opensips/commit/06da52b001bd13172fc309d5892149033a3843c3
Author: Liviu Chircu <li...@opensips.org>
Date: 2022-11-08 (Tue, 08 Nov 2022)

Changed paths:
  M modules/db_flatstore/flat_mi.c
  M modules/db_flatstore/flatstore.c
  M modules/db_flatstore/flatstore_mod.c
  M modules/db_flatstore/flatstore_mod.h

Log Message:
-----------
db_flatstore: Fix another race condition around MI 'flat_rotate'

This race condition was related to invoking 'flat_rotate' 2+ times
during the same second (UNIX timestamp). Due to the way the
timestamping logic was implemented, this could lead to files NOT being
rotated at all on the 2nd 'flat_rotate', which falls in the same second.

Although very rare, this race condition could lead to massive CDR loss,
since all CDRs between 2nd and 3rd 'flat_rotate' commands have a great
chance of being fully lost (unread and discarded).

(cherry picked from commit e180b1536e89e7bc8d6e2dd3264786e8531c71d7)


Commit: 846132178af4ceea1c269007f9429cb6c49efabe
    https://github.com/OpenSIPS/opensips/commit/846132178af4ceea1c269007f9429cb6c49efabe
Author: Liviu Chircu <li...@opensips.org>
Date: 2022-11-08 (Tue, 08 Nov 2022)

Changed paths:
  M parser/parse_via.c
  M parser/test/test_parser.c

Log Message:
-----------
parse_via_param(): Fix out-of-bounds read edge-case (OSS-Fuzz)

Similar to 5e9f72d3d, but for the parse_via_param() function.

Severity: Low
Fixes OSS-Fuzz#53080

(cherry picked from commit 6135ff05d0897342ca5c81585cef5a650eae67b9)


Compare: https://github.com/OpenSIPS/opensips/compare/e36404610604...846132178af4