Comment 6 for bug 94792

The above commit was what was released for the 1.2.16 update (CVE-2007-1306). I suspect the new issue (which needs a CVE) was fixed with this commit:

http://svn.digium.com/view/asterisk/branches/1.2/channels/chan_sip.c?r1=58115&r2=58579

Note that as described in the announcement, if an invalid IP is included on a connection line, the resulting hp-> deref will segfault without the above return -1.

I imagine using "sipsak", you could produce the needed values. There are some example protocol dumps that include the "c=IN IP4" lines here:

http://www.ietf.org/internet-drafts/draft-ietf-sip-connected-identity-05.txt