It seems that one can crash asterisk+visdn by sending a SETUP message
without a Bearer Capability information element.

While that is definitely not legal, it's not a good reason to crash either.

diff --git a/chan_visdn/chan_visdn.c b/chan_visdn/chan_visdn.c
index 977e13a..27cabab 100644
--- a/chan_visdn/chan_visdn.c
+++ b/chan_visdn/chan_visdn.c
@@ -3338,7 +3338,24 @@ static void visdn_q931_setup_indication(
                }
        }

-       assert(bc);
+    if(!bc) {
+        visdn_debug("Missing bearer capability, rejecting call\n");
+
+        Q931_DECLARE_IES(ies);
+
+        struct q931_ie_cause *cause = q931_ie_cause_alloc();
+        cause->coding_standard = Q931_IE_C_CS_CCITT;
+        cause->location = q931_ie_cause_location_call(q931_call);
+        cause->value = Q931_IE_C_CV_MANDATORY_INFORMATION_ELEMENT_IS_MISSING;
+        q931_ies_add_put(&ies, &cause->ie);
+
+        q931_send_primitive(visdn_chan->q931_call,
+            Q931_CCB_REJECT_REQUEST, &ies);
+
+        Q931_UNDECLARE_IES(ies);
+
+        goto err_bearercap;
+    }

        q931_call->pvt = ast_chan;

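Review bot: The new `if(!bc)` branch writes through `cause` immediately after `q931_ie_cause_alloc()` without checking the result, so if that allocator can return NULL, a peer that omits the IE under memory pressure trades the old assert for a NULL dereference; a guard such as `if (!cause) { Q931_UNDECLARE_IES(ies); goto err_bearercap; }` before the first assignment would close that. The branch also sends the reject on `visdn_chan->q931_call` while taking the cause location from `q931_call`, and it runs before `q931_call->pvt = ast_chan;`, so it is worth confirming that `visdn_chan->q931_call` is already set here and that `ast_hangup()` copes with `pvt` still unset. The `err_bearercap` label it jumps to (third hunk) carries a FIXME saying `ast_hangup` frees `visdn_chan` before control falls into `err_visdn_alloc`, and a malformed SETUP now reaches that cleanup directly, so it should be checked for a double free. The body of `visdn_q931_setup_indication` starts and ends outside this hunk.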
@@ -3435,7 +3452,7 @@ static void visdn_q931_setup_indication(

                Q931_UNDECLARE_IES(ies);

-               goto err_unsupported_bearercap;
+               goto err_bearercap;
        }

        /* ------ Handle HLC ------ */
@@ -3708,7 +3725,7 @@ #endif

        return;

-err_unsupported_bearercap:
+err_bearercap:
        ast_hangup(ast_chan);
        goto err_visdn_alloc; // FIXME, ast_hangup frees visdn_chan too
 err_visdn_new:

-- 
Matthias Urlichs   |   {M:U} IT Design @ m-u-it.de   |  [EMAIL PROTECTED]
Disclaimer: The quote was selected randomly. Really. | http://smurf.noris.de
 - -
In unanimity there is cowardice and uncritical thinking.
                                        -- Marion J. Levy, Jr.
