Package: asterisk Version: 1:16.16.1~dfsg-1~bpo10+1 Severity: important Tags: upstream
When chan_sip processes incoming SIP message and its body contains NUL characters (for example due to deflate encoding), reading body from buffer stops at the NUL character, thus ignoring the rest of the buffer and waiting for additional incoming data to catch up all data of size indicated in the Content-Length header. Effectively this behavior causes breakup of SIP communication - ignoring subsequent messages and returning errors "method not implemented". Steps to reproduce: - set up Linhone for Android to register with Asterisk - in rasterisk, turn on debugging for the new peer: "sip set debug peer xxxx" - in Linphone's settings, turn on Settings/Contacts/Friendlist subscribe - in rasterisk, wait for the SUBSCRIBE message with deflated body - in Linphone, try to place a call - the INVITE message is not processed as chan_sip believes to be continuation of body belonging to the preceding SUBSCRIBE message -- System Information: Debian Release: 10.10 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 5.10.0-0.bpo.7-amd64 (SMP w/1 CPU core) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_ US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages asterisk depends on: ii adduser 3.118 ii asterisk-config 1:16.16.1~dfsg-1~bpo10+1 ii asterisk-core-sounds-en 1.6.1-1 ii asterisk-modules 1:16.16.1~dfsg-1~bpo10+1 ii libc6 2.28-10 ii libcap2 1:2.25-2 ii libedit2 3.1-20181209-1 ii libjansson4 2.12-1 ii libpopt0 1.16-12 ii libsqlite3-0 3.27.2-3+deb10u1 ii libssl1.1 1.1.1d-0+deb10u6 ii libsystemd0 241-7~deb10u7 ii liburiparser1 0.9.1-1 ii libuuid1 2.33.1-0.1 ii libxml2 2.9.4+dfsg1-7+deb10u2 ii libxslt1.1 1.1.32-2.2~deb10u1 ii lsb-base 10.2019051400 Versions of packages asterisk recommends: ii asterisk-moh-opsound-gsm 2.03-1 pn asterisk-voicemail | asterisk-voicemail-storage <none> pn sox <none> Versions of packages asterisk suggests: pn asterisk-dahdi <none> pn asterisk-dev <none> pn asterisk-doc <none> pn asterisk-ooh323 <none> pn asterisk-opus <none> pn asterisk-vpb <none> -- Configuration Files: /etc/logrotate.d/asterisk changed [not included] -- no debconf information