DeforaNetworks/siproxd
DeforaNetworks/siproxd
3
0
Fork 0
Code Releases Activity

- fix: siproxd could crash when trying to rewrite a malformed

Browse Source 
SIP message. (thank you, Lucas)
This commit is contained in:
Thomas Ries 2010-03-29 17:28:12 +00:00
parent ef8ae740f2
commit e46d64fa7b
2 changed files with 44 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
src/proxy.c
View File

@ -807,11 +807,15 @@ if (configuration.debuglevel)
size_t tmplen; size_t tmplen;
sts = osip_message_get_body(mymsg, 0, &body); sts = osip_message_get_body(mymsg, 0, &body);
sts = sip_body_to_str(body, &tmp, &tmplen); sts = sip_body_to_str(body, &tmp, &tmplen);
osip_content_length_to_str(mymsg->content_length, &tmp2); if (sts == 0) {
DEBUG("Body before rewrite (may be truncated) - (clen=%s, strlen=%ld):\n%s\n----", osip_content_length_to_str(mymsg->content_length, &tmp2);
tmp2, (long)tmplen, tmp); DEBUG("Body before rewrite (may be truncated) - (clen=%s, strlen=%ld):\n%s\n----",
osip_free(tmp); tmp2, (long)tmplen, tmp);
osip_free(tmp2); osip_free(tmp);
osip_free(tmp2);
} else {
DEBUG("Body before rewrite: failed to decode!");
}
} }
/* /*
@ -1158,11 +1162,15 @@ if (configuration.debuglevel)
size_t tmplen; size_t tmplen;
sts = osip_message_get_body(mymsg, 0, &body); sts = osip_message_get_body(mymsg, 0, &body);
sts = sip_body_to_str(body, &tmp, &tmplen); sts = sip_body_to_str(body, &tmp, &tmplen);
osip_content_length_to_str(mymsg->content_length, &tmp2); if (sts == 0) {
DEBUG("Body after rewrite (may be truncated) - (clen=%s, strlen=%ld):\n%s\n----", osip_content_length_to_str(mymsg->content_length, &tmp2);
tmp2, (long)tmplen, tmp); DEBUG("Body after rewrite (may be truncated) - (clen=%s, strlen=%ld):\n%s\n----",
osip_free(tmp); tmp2, (long)tmplen, tmp);
osip_free(tmp2); osip_free(tmp);
osip_free(tmp2);
} else {
DEBUG("Body after rewrite: failed to decode!");
}
} }
return STS_SUCCESS; return STS_SUCCESS;
} }

36
src/sip_layer.c
View File

@ -36,23 +36,39 @@ int sip_message_parse(osip_message_t * sip, const char *buf, size_t len) {
int sip_message_to_str(osip_message_t * sip, char **dest, size_t *len) { int sip_message_to_str(osip_message_t * sip, char **dest, size_t *len) {
int sts; int sts;
/* check params */
if ((len == NULL) || (dest == NULL) || (*dest == NULL)) return -1;
len=0;
sts = osip_message_to_str(sip, dest, len); sts = osip_message_to_str(sip, dest, len);
/* if (sts == 0) {
* NULL termination (libosip2-2.2.0 does NOT do this properly, /*
* there is always one byte too much :-( ) * NULL termination (libosip2-2.2.0 does NOT do this properly,
*/ * there is always one byte too much :-( )
(*dest)[*len]='\0'; */
if (len >= 0) (*dest)[*len]='\0';
}
return sts; return sts;
} }
int sip_body_to_str(const osip_body_t * body, char **dest, size_t *len) { int sip_body_to_str(const osip_body_t * body, char **dest, size_t *len) {
int sts; int sts;
/* check params */
if ((len == NULL) || (dest == NULL) || (*dest == NULL)) return -1;
len=0;
sts = osip_body_to_str(body, dest, len); sts = osip_body_to_str(body, dest, len);
/* if (sts == 0) {
* NULL termination (libosip2-2.2.0 does NOT do this properly, /*
* there is always one byte too much :-( ) * NULL termination (libosip2-2.2.0 does NOT do this properly,
*/ * there is always one byte too much :-( )
(*dest)[*len]='\0'; */
if (len >= 0) (*dest)[*len]='\0';
}
return sts; return sts;
} }