From 7a46cd7433fabb86daca8c07ec397ffe988e95bf Mon Sep 17 00:00:00 2001 From: Alexander Traud Date: Fri, 7 Apr 2017 15:06:11 +0200 Subject: pjproject_bundled: Crash on pj_ssl_get_info() while ioqueue_on_read_complete(). When the Asterisk channel driver res_pjsip offers SIP-over-TLS, sometimes, not reproducible, Asterisk crashed in pj_ssl_sock_get_info() because a NULL pointer was read. This change avoids this crash. ASTERISK-26927 #close Change-Id: I24a6011b44d1426d159742ff4421cf806a52938b --- .../0048-r5576-svn-backport-tls-crash.patch | 32 ++++++++++++++++++++++ 1 file changed, 32 insertions(+) create mode 100644 third-party/pjproject/patches/0048-r5576-svn-backport-tls-crash.patch (limited to 'third-party') diff --git a/third-party/pjproject/patches/0048-r5576-svn-backport-tls-crash.patch b/third-party/pjproject/patches/0048-r5576-svn-backport-tls-crash.patch new file mode 100644 index 000000000..b5edc71f4 --- /dev/null +++ b/third-party/pjproject/patches/0048-r5576-svn-backport-tls-crash.patch @@ -0,0 +1,32 @@ +Index: /pjproject/trunk/pjlib/src/pj/ssl_sock_ossl.c +=================================================================== +--- a/pjlib/src/pj/ssl_sock_ossl.c (revision 5564) ++++ b/pjlib/src/pj/ssl_sock_ossl.c (revision 5565) +@@ -145,5 +145,6 @@ + SSL_STATE_NULL, + SSL_STATE_HANDSHAKING, +- SSL_STATE_ESTABLISHED ++ SSL_STATE_ESTABLISHED, ++ SSL_STATE_ERROR + }; + +@@ -1907,4 +1908,8 @@ + buf->len += size_; + ++ if (status != PJ_SUCCESS) { ++ ssock->ssl_state = SSL_STATE_ERROR; ++ } ++ + ret = (*ssock->param.cb.on_data_read)(ssock, buf->data, + buf->len, status, +@@ -2658,5 +2663,9 @@ + /* Current cipher */ + cipher = SSL_get_current_cipher(ssock->ossl_ssl); +- info->cipher = (SSL_CIPHER_get_id(cipher) & 0x00FFFFFF); ++ if (cipher) { ++ info->cipher = (SSL_CIPHER_get_id(cipher) & 0x00FFFFFF); ++ } else { ++ info->cipher = PJ_TLS_UNKNOWN_CIPHER; ++ } + + /* Remote address */ -- cgit v1.2.3