Guest

Preview Tool

Cisco Bug: CSCte44391 - kpml message over 24 characters causes ccm coredump

Last Modified

Jan 31, 2017

Products (3)

  • Cisco Unified Communications Manager (CallManager)
  • Cisco Unity Connection Version 7.1
  • Cisco Unified Communications Manager Version 7.1

Known Affected Releases

7.1(2) 8.0(2)

Description (partial)

Symptom:
CCM service will core.

At the time of the core, there is a sip notify message with kpml string that exceeds the 24 character max length for that variable. This causes ccm to write outside the assigned buffer and creates a core.


Conditions:
Seen in UCM 7.1.2.3190.1

The culprit is a message similar to the one below, note: fields have been replaced with "*****" for privacy reasons.


NOTIFY sip:*****:5060 SIP/2.0
Via: SIP/2.0/UDP
*****:5060;branch=z9hG4bKiXO+XuV+shSiNYWgMAsAdw~~1913258
Max-Forwards: 69
To:
<sip:*****@*****;transport=udp>;tag=7e86377c-d658-423a-932e-
a2aff344b162-41672876
From: <sip:*****@*****:5060>;tag=ds1ba4d894
Call-ID:
789C5A71E9BE11DEB0B8DB8655563C4D-126099903232969497@*****
<mailto:789C5A71E9BE11DEB0B8DB8655563C4D-126099903232969497@*****> 
CSeq: 2 NOTIFY
Content-Length: 195
Contact: <sip:*****@*****;transport=udp>
Date: Wed, 16 Dec 2009 21:36:14 GMT
Event: kpml
Subscription-State: active
Content-Type: application/kpml-response+xml

<?xml version="1.0" encoding="UTF-8"?><kpml-response version="1.0"
code="200" text="OK" forced_flush="true"
digits="2351871111880037326#101091970#121880037326#101091970#108252009#"
tag="dtmf"/>
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.