[Linphone-developers] Linphone security

[Hilman Fitriana]

Hello, I'm trying a voip communication system where asterisk as server and the linphone as enpoint.

Now, I am trying to modify the communication payload encryption method in srtp where the method module that I applied causes the size of the communication payload to increase to twice its original size. I applied this encryption module to the linphone as well as the asterisk where asterisk mechanism requires plaintext to be processed first before being re-encrypted and sent to its final destination.

When conducting a communication test, the sender and receiver (linphone) fail and only a few packets are sent before the application is forced out, with different errors including:
 - segmentation fault,
 - bus error,
 - corruption size vs previous size,
 - memory chunk control structure fields in the adjacent following chunk are -being overwritten due to out-of-bounds,
 - stack smashing detected,
 - malloc memory corruption,
 - munmap_chunk

On the server itself, I think it doesn't cause problems because it doesn't appear in the file logger. I think the error on the linphone occurred related to the access of unallocated memory to store excess data from the encryption process, thus requiring new memory allocation. What I want to ask is how to reallocate memory from plaintext (enc_start pointer) and where should I add it? Is it on the srtp module itself, or on the mediastreamer module that uses the srtp function or is it possible on the ortp function?

Or is this because the clone process for a new stream uses an old template where the excess data due to the previous encryption process is not readjusted?

Best Regards,
Hilman