CVE-2022-47517: heap-based buffer overflow in (url_canonize2 libsofia-sip-ua/url/url.c ?) #243
Comments
I'm unable to recreate this on the latest build. Log below
I was able to see the off-by-one access when using valgrind. Fixed in v0.8.19-rc14
CVE-2022-47517 has been assigned to this issue.
ok it seems like you opened this CVE 2 days ago, with no fix information, yet per above I fixed it 3 weeks ago
where did you see no fix information?
Oh, I was looking at "Patched versions: unknown". I see the description indicates the fix version now, so that is good. Thanks, sorry for the misunderstanding
Hi Dave, no problem. Just keep in mind that the link you can see as CVE-2022-47517 (GHSA-c8mq-83h4-gm57) is done automatically by GitHub. The official reference is always at https://cve.mitre.org
@davehorton @asarubbo Looking at davehorton/sofia-sip@bfc79d8, is CVE-2022-47517 a duplicate of the first part of CVE-2022-31002, and the
yes, you are right. I will commit the second part of that change shortly
Hi,
the following remote request is able to crash drachtio:
While I'm not sure if the issue is in libsofia-sip or drachtio, my guess is that it is in libsofia-sip but I'm filing the issue here because I can reproduce via drachtio.
I'm on v0.8.19-rc12
Attaching the testcase as zipped, but to reproduce you need to unzip.
off-by-one.zip