AST-2022-006: pjproject - unconstrained malformed multipart SIP message

ASTERISK-29945 #close Change-Id: Ic58957afc453195d53c2bd25c905df3d91d1abe6
2025-10-31 02:37:10 +00:00 · 2022-03-03 16:44:20 -06:00
parent 742d265ff5
commit 9e74563a50
1 changed files with 42 additions and 0 deletions
--- a/third-party/pjproject/patches/0172-prevent-multipart-oob.patch
+++ b/third-party/pjproject/patches/0172-prevent-multipart-oob.patch
@@ -0,0 +1,42 @@
+From 077b465c33f0aec05a49cd2ca456f9a1b112e896 Mon Sep 17 00:00:00 2001
+From: sauwming <ming@teluu.com>
+Date: Wed, 26 Jan 2022 13:28:57 +0800
+Subject: [PATCH] Merge pull request from GHSA-7fw8-54cv-r7pm
+
+---
+ pjlib-util/src/pjlib-util/scanner.c | 13 +++++++++----
+ 1 file changed, 9 insertions(+), 4 deletions(-)
+
+diff --git a/pjlib-util/src/pjlib-util/scanner.c b/pjlib-util/src/pjlib-util/scanner.c
+index 27a0b8831..a54edf2d8 100644
+--- a/pjlib-util/src/pjlib-util/scanner.c
+++ b/pjlib-util/src/pjlib-util/scanner.c
+@@ -444,16 +444,21 @@ PJ_DEF(void) pj_scan_get_n( pj_scanner *scanner,
+ 
+ PJ_DEF(int) pj_scan_get_char( pj_scanner *scanner )
+ {
+-    int chr = *scanner->curptr;
+    register char *s = scanner->curptr;
+    int chr;
+ 
+-    if (!chr) {
+    if (s >= scanner->end || !*s) {
+ 	pj_scan_syntax_err(scanner);
+ 	return 0;
+     }
+ 
+-    ++scanner->curptr;
+    chr = *s;
+ 
+-    if (PJ_SCAN_IS_PROBABLY_SPACE(*scanner->curptr) && scanner->skip_ws) {
+    ++s;
+    scanner->curptr = s;
+    if (PJ_SCAN_CHECK_EOF(s) && PJ_SCAN_IS_PROBABLY_SPACE(*s) &&
+    	scanner->skip_ws)
+    {
+ 	pj_scan_skip_whitespace(scanner);
+     }
+     return chr;
+-- 
+2.25.1
+