[OpenSIPS-Users] [OpenSIPS Security Alerts] [FIX][Severity Medium] Timer Route inconsistency

Bogdan-Andrei Iancu bogdan at opensips.org
Fri Sep 14 20:37:01 CEST 2012 

This message was generated by the Security Alerts service ( Free Trial 14th of August - 14th of September )
http://www.opensips.org/Resources/AlertsMain*

SVN commit*:
http://opensips.svn.sourceforge.net/opensips/?rev=9248&view=rev

*Severity*: Medium

*Version*  : 1.7, 1.8, trunk

*Affected modules*  : Core

*Effect*  : Timer Route inconsistency

*Affected scenarios*: If using timer route in relation with functions that try to parse
or change SIP message (like extracting infos - RURI, headers, etc - or add headers or
change RURI) you will experience memory leaks. Also if you are using AVPs in timer
route, they will be inherited by any further execution of the timer route (they will
not be reseted, by they will continuously pile up) and even worst, the AVPs will be
shared by all timer routes at all time. This will lead to unexpected behavior as
AVPs will never be deleted or reset in timer route.

*Description*  : When timer route is internally executed, it does not do cleaning
for the dummy SIP message which is provided, neither frees the list of created
AVPs. Basically the dummy SIP message and the list of AVPs will pile up all
changes or values through the entire execution time of OpenSIPS.*

Risks*  :  The memory leaks, but the worst risk is to have non-null list
of AVPs with pre-populated values when a timer route is triggered.

*Update*  :
- if you have an SVN checkout, 1.7, 1.8 and trunk were fixed; so
update to a revision later than 9247 (trunk), 9248 (1.8 branch) or
9249 ( 1.7 branch )
- if you have OpenSIPS from sources, download and apply the patch from
http://opensips.svn.sourceforge.net/viewvc/opensips/trunk/timer.c?r1=9247&r2=9246&pathrev=9247
  or see the attached patch;
- if using tarballs, they were already regenerated (and include the fix)
- If using the official Debian package (apt.opensips.org), they are also
re-generated including the fix


-- 
Bogdan-Andrei Iancu
OpenSIPS Founder and Developer
http://www.opensips-solutions.com

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensips.org/pipermail/users/attachments/20120914/be49309f/attachment.htm>
-------------- next part --------------
_______________________________________________
Alerts mailing list
Alerts at lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/alerts

More information about the Users mailing list