With this commit, passing -Q to fs_cli will cause fs_cli to not load
or save the command history file (~/.fs_cli_history). This can be
useful e.g. on read-only systems.
This can also be set in the fs_cli configuration file with the option
`no-history-file`.
Windows has a 64 descriptor limit in WSAWaitForMultipleEvents system call.
Implemented some custom login in su_wait to work around this limitation.
Changed SU_WAIT_MAX from 64 to 0x7fffffff, like on other plaftorms.
In some cases where `redisplay()` is called immediately after a
command is run (e.g. `log ...`) we often get a prompt, junk output,
and a second prompt. This is due to a (known) race.
We believe we're falling afoul of this code in `el_deletestr`:
if (el->el_line.cursor < &el->el_line.buffer[n])
return;
Basing the length of text to delete off of the cursor position
resolves the issue of junk text, but the real solution is to eliminate
the race conditions, which will also resolve the sometimes duplicated
prompt.
FS-6764 #resolve
Thanks-to: Nathan Neulinger <nneul@neulinger.org>
When zero was passed for the size to `sub_alloc`, we were passing this
size on to `malloc` or `calloc`, which is unusual enough that static
analyzers warn about this (POSIX says that either NULL or a pointer
will be returned).
We'll instead just return NULL right away.
usleep is deprecated and disabled in glibc 2.12 unless requested. Use
nanosleep instead if available.
This fixes the following compiler warning:
./src/zrtp_iface_scheduler.c: In function 'zrtp_sleep':
./src/zrtp_iface_scheduler.c:96:2: warning: implicit declaration of
function 'usleep' [-Wimplicit-function-declaration]
usleep(msec*1000);
^
These two files should only be built when OpenSSL is not enabled. See
the configure script of the original sources and Makefile from upstream.
(RNG_EXTRA_OBJS)
Fixes a -Wimplicit-function-declaration warning.
Currently only enabled in the analog e&m module but any
signaling module can easily take advantage of it with a small
modification to the signaling module to set span->sig_release_guard_time_ms
This removes our in-tree version of portaudio-19 and migrates
mod_portaudio and mod_portaudio_stream to use the system version of
the library. Our detection of the system library relies on
pkg-config.
This reverts commit b29a41bb1b.
This commit is no longer needed now that proper infrastructure has been
added to allow signaling modules to generate and detect DTMF
The feature macros should only be used for I/O module features
and not for signaling module features
In `srtp_unprotect_rtcp()` we are not validating that the packet
length is as long as the minimum required. This would cause
`enc_octet_len` to underflow, which would cause us to try to decrypt
data past the end of the packet in memory -- a buffer over-read and
buffer overflow.
In `srtp_protect_rtcp()`, we were similarly not validating the packet
length. Here we were also polluting the address of the SRTCP
encrypted flag and index (the `trailer`), causing us to write one word
to a bogus memory address before getting to the encryption where we
would also overflow.
In this commit we add checks to appropriately validate the RTCP/SRTCP
packet lengths.
`srtp_unprotect_rtcp_aead()` (but not protect) did correctly validate
the packet length; this check would now be redundant as the check in
`srtcp_unprotect_rtcp()` will also run first, so it has been removed.
In the defined AEAD modes, SRTP packets must always be encrypted and
authenticated, but SRTCP packets may be only authenticated. It's
possible, therefore, for us to end up in `srtp_protect_aead()` without
the `sec_serv_conf` bit being set. We should just ignore this and
encrypt the RTP packet anyway.
What we are doing instead is encrypting the packet anyway, but setting
`enc_start` to NULL first. This causes `aad_len` to underflow which
will cause us to over-read in `cipher_set_aad()`.
If we could get past that, we would try to read and write memory
starting at 0x0 down in `cipher_encrypt()`.
This commit causes us to not check the `sec_serv_conf` bit and never
set `enc_start` to NULL in `srtp_protect_aead()`.
`srtp_unprotect_aead()` does not contain a similar error.
When computing the start address of the RTP data to encrypt or SRTP
data to decrypt (`enc_start`), we are using `hdr->cc` (the CSRC
count), which is untrusted data from the packet, and the length field
of an RTP header extension, which is also untrusted and unchecked data
from the packet.
This value then pollutes our calculation of how much data we'll be
encrypting or decrypting (`enc_octet_len`), possibly causing us to
underflow.
We'll then call `cipher_encrypt()` or `cipher_decrypt()` with these
two values, causing us to read from and write to arbitrary addresses
in memory.
(In the AEAD functions, we'd also pollute `aad_len`, which would cause
us to read undefined memory in `cipher_set_aad`.)
This commit adds checks to verify that the `enc_start` we calculate is
sane based on the actual packet length.
What we momentarily called log-uuid-chars is now better called
log-uuid-length. Setting log-uuid-length will specify a truncation
length for UUIDs displayed by setting log-uuid.
If log-uuid-short is set, or -S is passed to fs_cli, we only display
the first 8 hex digits of the UUID. The log-uuid-chars option may
instead be set to specify some other truncation length for the UUID.
POSIX says poll.h and signal.h should not be prefixed with sys/ (ie
poll.h instead of sys/poll.h)
limits.h also defines a TZNAME_MAX so we change name of the define for
spandsp.
This library is used only by mod_enum and is available on most
platforms. The version in our tree has many code quality problems
that are generating noise when doing static analysis. Suffice it to
say we want rid of it as our responsibility.
FS-353
Jeff Lenk