Bug#991170: asterisk: chan_sip stream transport breaks after NUL characters in message body

Ondřej Holas ondrej.holas at post.cz
Fri Jul 16 13:13:23 BST 2021 

Package: asterisk
Version: 1:16.16.1~dfsg-1~bpo10+1
Severity: important
Tags: upstream

When chan_sip processes incoming SIP message and its body contains NUL
characters (for example due to deflate encoding), reading body from buffer
stops at the NUL character, thus ignoring the rest of the buffer and waiting
for additional incoming data to catch up all data of size indicated in
the Content-Length header. Effectively this behavior causes breakup of
SIP communication - ignoring subsequent messages and returning errors
"method not implemented".

Steps to reproduce:

- set up Linhone for Android to register with Asterisk
- in rasterisk, turn on debugging for the new peer: "sip set debug peer 
xxxx"
- in Linphone's settings, turn on Settings/Contacts/Friendlist subscribe
- in rasterisk, wait for the SUBSCRIBE message with deflated body
- in Linphone, try to place a call
- the INVITE message is not processed as chan_sip believes to be 
continuation
  of body belonging to the preceding SUBSCRIBE message

-- System Information:
Debian Release: 10.10
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 5.10.0-0.bpo.7-amd64 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_
US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages asterisk depends on:
ii  adduser                  3.118
ii  asterisk-config          1:16.16.1~dfsg-1~bpo10+1
ii  asterisk-core-sounds-en  1.6.1-1
ii  asterisk-modules         1:16.16.1~dfsg-1~bpo10+1
ii  libc6                    2.28-10
ii  libcap2                  1:2.25-2
ii  libedit2                 3.1-20181209-1
ii  libjansson4              2.12-1
ii  libpopt0                 1.16-12
ii  libsqlite3-0             3.27.2-3+deb10u1
ii  libssl1.1                1.1.1d-0+deb10u6
ii  libsystemd0              241-7~deb10u7
ii  liburiparser1            0.9.1-1
ii  libuuid1                 2.33.1-0.1
ii  libxml2                  2.9.4+dfsg1-7+deb10u2
ii  libxslt1.1               1.1.32-2.2~deb10u1
ii  lsb-base                 10.2019051400

Versions of packages asterisk recommends:
ii  asterisk-moh-opsound-gsm                         2.03-1
pn  asterisk-voicemail | asterisk-voicemail-storage  <none>
pn  sox                                              <none>

Versions of packages asterisk suggests:
pn  asterisk-dahdi   <none>
pn  asterisk-dev     <none>
pn  asterisk-doc     <none>
pn  asterisk-ooh323  <none>
pn  asterisk-opus    <none>
pn  asterisk-vpb     <none>

-- Configuration Files:
/etc/logrotate.d/asterisk changed [not included]

-- no debconf information
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/pkg-voip-maintainers/attachments/20210716/471805ed/attachment.htm>

More information about the Pkg-voip-maintainers mailing list