Package: release.debian.org Severity: normal Tags: stretch User: release.debian....@packages.debian.org Usertags: pu
Hi, I'd like to ask for a SRM approval to include a non-security fix for an important bug in the pjproject package into the next security upload. In #881362 Joachim Förster reported issues resolving DNS SRV records if the target does not have an AAAA record. He identified and tested an upstream patch that has been part of sid for more than 6 months. We will have to do a security upload of pjproject soon, and I'd like to include this fix there. Relevant patch attached. Bernhard
diff --git a/debian/patches/0008-r5536-Fix-SRV-without-AAAA.patch b/debian/patches/0008-r5536-Fix-SRV-without-AAAA.patch new file mode 100644 index 0000000..2a20cb4 --- /dev/null +++ b/debian/patches/0008-r5536-Fix-SRV-without-AAAA.patch @@ -0,0 +1,55 @@ +From: Riza Sulistyo <r...@teluu.com> +Subject: [PATCH] Re #1945 (misc): Don't trigger SRV complete callback when + there is a parse error. +Bug-Debian: https://bugs.debian.org/881362 + +git-svn-id: https://svn.pjsip.org/repos/pjproject/trunk@5536 74dad513-b988-da41-8d7b-12977e46ad98 +--- + pjlib-util/src/pjlib-util/srv_resolver.c | 24 ++++++++++++++++++------ + 1 file changed, 18 insertions(+), 6 deletions(-) + +diff --git a/pjlib-util/src/pjlib-util/srv_resolver.c b/pjlib-util/src/pjlib-util/srv_resolver.c +index 8a4a599e..8a2f7e1b 100644 +--- a/pjlib-util/src/pjlib-util/srv_resolver.c ++++ b/pjlib-util/src/pjlib-util/srv_resolver.c +@@ -652,6 +652,7 @@ static void dns_callback(void *user_data, + + } else if (query_job->dns_state == PJ_DNS_TYPE_A) { + pj_bool_t is_type_a, srv_completed; ++ pj_dns_addr_record rec; + + /* Clear outstanding job */ + if (common->type == PJ_DNS_TYPE_A) { +@@ -668,15 +669,26 @@ static void dns_callback(void *user_data, + + is_type_a = (common->type == PJ_DNS_TYPE_A); + ++ /* Parse response */ ++ if (status==PJ_SUCCESS && pkt->hdr.anscount != 0) { ++ status = pj_dns_parse_addr_response(pkt, &rec); ++ if (status!=PJ_SUCCESS) { ++ char errmsg[PJ_ERR_MSG_SIZE]; ++ ++ PJ_LOG(4,(query_job->objname, ++ "DNS %s record parse error for '%.*s'." ++ " Err=%d (%s)", ++ (is_type_a ? "A" : "AAAA"), ++ (int)query_job->domain_part.slen, ++ query_job->domain_part.ptr, ++ status, ++ pj_strerror(status,errmsg,sizeof(errmsg)).ptr)); ++ } ++ } ++ + /* Check that we really have answer */ + if (status==PJ_SUCCESS && pkt->hdr.anscount != 0) { + char addr[PJ_INET6_ADDRSTRLEN]; +- pj_dns_addr_record rec; +- +- /* Parse response */ +- status = pj_dns_parse_addr_response(pkt, &rec); +- if (status != PJ_SUCCESS) +- goto on_error; + + pj_assert(rec.addr_count != 0); + diff --git a/debian/patches/series b/debian/patches/series index 4ddd84c..b23b21f 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -18,3 +18,4 @@ asterisk/0017-r5475-svn-backport-Remove-DNS-cache-entry.patch asterisk/0018-r5477-svn-backport-Fix-DNS-write-on-freed-memory.patch asterisk/0019-Parse-zero-length-multipart-body-parts-correctly.patch asterisk/0020-Ensure-2543-transaction-key-buffer-is-large-enough.patch +0008-r5536-Fix-SRV-without-AAAA.patch