sanitize_tdata was assuming all URIs were SIP URIs so when a non
SIP uri was in the From, To or Contact headers, the unconditional
cast of a non-pjsip_sip_uri structure to pjsip_sip_uri caused
a segfault when trying to access uri->other_param.
* Added PJSIP_URI_SCHEME_IS_SIP(uri) || PJSIP_URI_SCHEME_IS_SIPS(uri)
checks before attempting to cast or use the returned uri.
ASTERISK-27152
Reported-by: Ross Beer
Change-Id: Id380df790e6622c8058a96035f8b8f4aa0b8551f
An admin can configure app_minivm with an externnotify program to be run
when a voicemail is received. The app_minivm application MinivmNotify
uses ast_safe_system() for this purpose which is vulnerable to command
injection since the Caller-ID name and number values given to externnotify
can come from an external untrusted source.
* Add ast_safe_execvp() function. This gives modules the ability to run
external commands with greater safety compared to ast_safe_system().
Specifically when some parameters are filled by untrusted sources the new
function does not allow malicious input to break argument encoding. This
may be of particular concern where CALLERID(name) or CALLERID(num) may be
used as a parameter to a script run by ast_safe_system() which could
potentially allow arbitrary command execution.
* Changed app_minivm.c:run_externnotify() to use the new ast_safe_execvp()
instead of ast_safe_system() to avoid command injection.
* Document code injection potential from untrusted data sources for other
shell commands that are under user control.
ASTERISK-27103
Change-Id: I7552472247a84cde24e1358aaf64af160107aef1
This change moves the logic which learns a new source address
for RTP so it only occurs in the learning state. The learning
state is entered on initial allocation of RTP or if we are
told that the remote address for the media has changed. While
in the learning state if we continue to receive media from
the original source we restart the learning process. It is
only once we receive a sufficient number of RTP packets from
the new source that we will switch to it. Once this is done
the closed state is entered where all packets that do not
originate from the expected source are dropped.
The learning process has also been improved to take into
account the time between received packets so a flood of them
while in the learning state does not cause media to be switched.
Finally RTCP now drops packets which are not for the learned
SSRC if strict RTP is enabled.
ASTERISK-27013
Change-Id: I56a96e993700906355e79bc880ad9d4ad3ab129c
When SDP renegotiation occurs it is possible for an RTP
instance to be reused for a new stream, resulting in the remote
SSRC changing if it is part of a bundle group. This change
allows this and updates its mapping in the current bundle
group.
ASTERISK-27231
Change-Id: I6e3703974f236bc024c5dbe9bd43adae0c6fb490
Create local_tag and remote_tag in CHANNEL info to get tag from From and
To headers of a SIP dialog.
ASTERISK-27220
Change-Id: I59b16c4b928896fcbde02ad88f0e98922b15d524
* Fix framehook to test frame type for control frame.
* Made framehook exit early if frame type is not a control frame.
* Eliminated RAII_VAR in framehook.
* Use switch instead of else-if ladder for control frame handling.
Change-Id: Ia555fc3600bd85470e3c0141147dbe3ad07c1d18
This prevents orphaned CBAnn channels from getting stuck in the bridge.
ASTERISK-26994 #close
Reported by: James Terhune
Change-Id: I5e43e832a9507ec3f2c59752cd900b41dab80457
A video update frame is used to indicate that a channel
with video negotiated should provide a full frame so the
decoder decoding the stream is able to do so. In situations
where a queue is used to store frames it makes no sense
for the queue to contain multiple video update frames. One
is sufficient to have a full frame be sent.
ASTERISK-27222
Change-Id: Id3f40a6f51b740ae4704003a1800185c0c658ee7
mkstemp() returns a unique filename, but appending an extension to that
filename does not guarantee uniqueness. Instead, use mkdtemp() and we
can put whatever extension we want on the files that we create inside
the directory.
In the case of app_minivm, we also now properly clean up any temporary
files that we create.
ASTERISK-20858 #close
Reported by: Walter Doekes
Change-Id: I30ad04f0e115f0b11693ff678ba5184d8b938e43
If the Record() application is called with a relative filename that
includes directories, we were not properly creating the intermediate
directories and Record() would fail.
Secondarily, updated the documentation for RECORDED_FILE to mention
that it does not include a filename extension.
Finally, rewrote the '%d' functionality to be a bit more straight
forward and less noisy.
ASTERISK-16777 #close
Reported by: klaus3000
Change-Id: Ibc2640cba3a8c7f17d97b02f76b7608b1e7ffde2
The ps_endpoints table was missing the dtls_fingerprint column
introduced with commit adba2a8d7f.
ASTERISK-27168 #close
Change-Id: I9cb5006f7f50718b5239919562773adabb334cfd
If an SDP answer hasn't been sent yet, it's legal to change it.
This is required for PJSIP_DTMF_MODE to work correctly, and can
also have use in the future for updating codecs too.
ASTERISK-27209 #close
Change-Id: Idbbfb7cb3f72fbd96c94d10d93540f69bd51e7a1
If a previously active stream is declined we could crash because the
channel's thread is still using the stream while we are updating the
topology in the serializer thread.
* Defer removing any declined stream's handler until we have blocked the
channel's thread with the channel lock.
ASTERISK-27212
Change-Id: I50e1d3ef26f8e41948f4c411ee329aa3b960a420
* Add protection checks when mapping streams to the bridge. The channel
and bridge may be in the process of updating the stream mapping when a
media frame comes in so we may not be able to map the frame at the time.
* We need to map the streams to the bridge's stream numbers right before
they are written into the bridge. That way we don't have to keep
locking/unlocking the bridge and we won't have any synchronization
problems before the frames actually go into the bridge.
* Protect the deferred queue with the bridge_channel lock.
ASTERISK-27212
Change-Id: Id6860dd61b594b90c8395f6e2c0150219094c21a
* ast_channel_request_stream_topology_change() must not be called with any
channel locks held.
* ast_channel_stream_topology_changed() must be called with only the
passed channel lock held.
ASTERISK-27212
Change-Id: I843de7956d9f1cc7cc02025aea3463d8fe19c691
* Fix deadlock in
bridge_softmix.c:softmix_bridge_stream_topology_changed() between
bridge_channel and channel locks.
* The new bridge technology topology change callbacks must be called with
the bridge locked. The callback references the bridge channel list, the
bridge technology could change, and the bridge stream mapping is updated.
ASTERISK-27212
Change-Id: Ide4360ab853607e738ad471721af3f561ddd83be
Fixed to use correct initial value and fixed to use the
correct queue info to check the first value.
ASTERISK-27204
Change-Id: Ia9e36c828e566e1cc25c66f73307566e4acb8e73
fetch_access_token calls func_curl via ast_func_read. The latter returns 0 upon
success and -1 if the function is not available.
This commit inverts the return code check so that an error is printed if the
module is not loaded and not if it is loaded.
ASTERISK-27207 #close
Change-Id: I9ef903f80702d1218e8701f65a4e5e918e6548fb
Jenkins2
Joshua Colp
George Joseph
Corey Farrell
Andre Nazario
Richard Mudgett
Sean Bright
Florian Floimair
Torrey Searle
Sungtae Kim
Michael Kuron