During Asterisk's pedantic SIP processing the From header value is passed to the ast_uri_decode function to be decoded. In two instances it is possible for the code to cause a crash as the From header value is not checked to be non-NULL before being passed to the function.

http://www.securiteam.com/securitynews/5SP0115OKC.html