[OpenSIPS-Users] [OpenSIPS Security Alerts] [FIX][Severity Medium] Nat_traversal module

Vlad Paiu vladpaiu at opensips.org
Fri Sep 14 12:36:09 CEST 2012


This message was generated by the Security Alerts service ( Free Trial 14th of August - 14th of September )
http://www.opensips.org/Resources/AlertsMain*

SVN commit*:
http://opensips.svn.sourceforge.net/viewvc/opensips?view=revision&revision=9231

*Severity*: Medium

*Version*  : 1.7, 1.8, trunk

*Affected modules*  : Nat_traversal

*Effect*  : Memory leak when doing NAT keepalives

*Affected scenarios*: When using the nat_keepalive() function for pinging
nat-ed clients, there was the possibility of memory leaks.

*Description*  : This was a classical 'memory leak' scenario, where not all the
resources were freed. More specific, the SIP message structure was not completely
de-allocated and freed.*

Risks*  :  The memory leaks would eventually lead to filling up the entire OpenSIPS
memory and then to the loss of SIP processing ability. Thus, if using the
Nat_traversal module for NAT pinging, updating is critical.

*Update*  :
- if you have an SVN checkout, 1.7, 1.8 and trunk were fixed; so
update to a revision later than 9231 (trunk), 9232 (1.8 branch) or
9233 ( 1.7 branch )
- if you have OpenSIPS from sources, download and apply the patch from
http://opensips.svn.sourceforge.net/viewvc/opensips/trunk/modules/nat_traversal/nat_traversal.c?view=patch&r1=9231&r2=9230&pathrev=9231
  or see the attached patch;
- if using tarballs, they were already regenerated (and include the fix)
- If using the official Debian package (apt.opensips.org), they are also
re-generated including the fix

-- 
Vlad Paiu
OpenSIPS Developer
http://www.opensips-solutions.com

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensips.org/pipermail/users/attachments/20120914/5ace64a7/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: nattraversal_leak-9231.patch
Type: text/x-patch
Size: 293 bytes
Desc: not available
URL: <http://lists.opensips.org/pipermail/users/attachments/20120914/5ace64a7/attachment.bin>
-------------- next part --------------
_______________________________________________
Alerts mailing list
Alerts at lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/alerts


More information about the Users mailing list