[OpenSIPS-Devel] [ opensips-Bugs-2202134 ] "strncmp" should not be used to match header names

SourceForge.net noreply at sourceforge.net
Tue Oct 28 11:38:30 CET 2008 

Bugs item #2202134, was opened at 2008-10-28 00:03
Message generated for change (Comment added) made by ibc_sf
You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=1086410&aid=2202134&group_id=232389

Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: modules
Group: trunk
Status: Open
Resolution: Fixed
Priority: 5
Private: No
Submitted By: Iñaki Baz (ibc_sf)
Assigned to: Bogdan-Andrei Iancu (bogdan_iancu)
Summary: "strncmp" should not be used to match header names

Initial Comment:
All those results are bugs since they expect header names being case sensitive:

~# /usr/src/opensips-trunk/sources/modules$ grep -ri "strncmp(h" * | grep -v svn
peering/verify.c:       if (strncmp(hf->name.s, "P-Request-Hash",
presence/publish.c:             if(strncmp(hdr->name.s, "SIP-If-Match",12)==0||
presence/publish.c:                             strncmp(hdr->name.s,"Sip-If-Match",12)==0 )
pua/send_publish.c:             if(strncmp(hdr->name.s, "SIP-ETag",8)==0 )
pua_bla/notify.c:               if(strncmp(hdr->name.s, "Subscription-State",18)==0 )
pua_mi/mi_func.c:                       if(strncmp(hdr->name.s, "SIP-ETag",8)==0 )
pua_xmpp/simple2xmpp.c:                 if(strncmp(hdr->name.s, "Subscription-State",18)==0 )
pua_xmpp/simple2xmpp.c:                         if(strncmp(hdr->name.s, "Subscription-State",18)==0 )
pua_xmpp/simple2xmpp.c:                 if(hdr && strncmp(hdr->body.s,"terminated", 10)== 0)
rls/subscribe.c:                if(strncmp(hdr->name.s, "Support", 7)== 0)
rls/subscribe.c:                        if(strncmp(hdr->body.s+ i, "eventlist", 9)== 0)
rls/resource_notify.c:          if(strncmp(hdr->name.s, "Subscription-State", 18)==0)

----------------------------------------------------------------------

>Comment By: Iñaki Baz (ibc_sf)
Date: 2008-10-28 11:38

Message:
I updated it when I read your previous post. But now I've updated again
(now in revision 4842). It seems that before the commits were not available
yet.
Now header names matching are fixed, thanks a lot.

----------------------------------------------------------------------

Comment By: Bogdan-Andrei Iancu (bogdan_iancu)
Date: 2008-10-28 11:27

Message:
Inaki, have you updated your checkout? all the header searches were fixed
(like in peering, pua_bla, rls, pua_mi, pua_xmpp and presence).

On the other items from the list - uri scheme, values in the headers, SDP
info - indeed, they should be case insensitive.

Please update the list after a SVN update. (use trunk)

Thanks and regards,
Bogdan

----------------------------------------------------------------------

Comment By: Iñaki Baz (ibc_sf)
Date: 2008-10-28 10:39

Message:
I still see the following potential erros. Some of them are header names,
other are protocols "sip = SIP = SiP", parameters, also SDP attributes
(AFAIK SDP is also case insensitive):

modules/msilo/msilo.c:                  if(!ctaddr.s || ctaddr.len < 6 ||
strncmp(ctaddr.s, "sip:", 4)
modules/peering/verify.c:       if (strncmp(hf->name.s, "P-Request-Hash",
modules/pua_bla/notify.c:               if(strncmp(hdr->name.s,
"Subscription-State",18)==0 )
modules/pua_bla/notify.c:                       if(strncmp(sep+1,
"expires=", 8)!= 0)
modules/mediaproxy/mediaproxy.c:    if (strncmp(uri.s, "sip:", 4)==0) {
modules/mediaproxy/mediaproxy.c:    if (strncmp(uri.s, "sip:", 4)==0) {
modules/mediaproxy/mediaproxy.c:            if (strncmp(line.s,
"sendrecv", 8)==0 || strncmp(line.s, "sendonly", 8)==0 ||
modules/mediaproxy/mediaproxy.c:                strncmp(line.s,
"recvonly", 8)==0 || strncmp(line.s, "inactive", 8)==0) {
modules/rls/subscribe.c:                if(ev_param->name.len== 2 &&
strncmp(ev_param->name.s, "id", 2)== 0)
modules/rls/subscribe.c:                if(strncmp(hdr->name.s, "Support",
7)== 0)
modules/rls/subscribe.c:                        if(strncmp(hdr->body.s+ i,
"eventlist", 9)== 0)
modules/rls/resource_notify.c:          if(strncmp(smc+1, "reason=", 7))
modules/rls/resource_notify.c:          if(strncmp(smc+1, "expires=", 8))
modules/rls/resource_notify.c:          if(strncmp(hdr->name.s,
"Subscription-State", 18)==0)
modules/rls/resource_notify.c:                 
if(strncmp(row_vals[resource_uri_col].val.string_val,
modules/pua_mi/mi_func.c:                       if(strncmp(hdr->name.s,
"SIP-ETag",8)==0 )
modules/pua/send_publish.c:             if(strncmp(hdr->name.s,
"SIP-ETag",8)==0 )
modules/pua_xmpp/simple2xmpp.c:                
(strncmp(msg->event->body.s,"presence",8 )==0))
modules/pua_xmpp/simple2xmpp.c:                
(strncmp(msg->event->body.s,"presence.winfo",14 )==0))
modules/pua_xmpp/simple2xmpp.c:                 if(strncmp(hdr->name.s,
"Subscription-State",18)==0 )
modules/pua_xmpp/simple2xmpp.c:         if(hdr &&
strncmp(hdr->body.s,"terminated", 10)== 0)
modules/pua_xmpp/simple2xmpp.c:                
if(strncmp(hdr->body.s+11,"reason=timeout", 14)== 0)
modules/pua_xmpp/simple2xmpp.c:                        
if(strncmp(hdr->name.s, "Subscription-State",18)==0 )
modules/pua_xmpp/simple2xmpp.c:                 if(hdr &&
strncmp(hdr->body.s,"terminated", 10)== 0)
modules/uac/auth_hdr.c:                         if(val.len>=4 &&
!strncmp(val.s, "auth", 4))
modules/presence_mwi/add_events.c:    if (strncmp(body.s,
"Messages-Waiting", 16) != 0) goto err;
modules/presence_mwi/add_events.c:    if (strncmp(at, "yes", 3) == 0) at =
at + 3;
modules/presence_mwi/add_events.c:      if (strncmp(at, "no", 2) == 0) at
= at + 2;
modules/imc/imc_cmd.c:  if(cmd->param[0].len<4 || strncmp(cmd->param[0].s,
"sip:", 4)!=0)
modules/imc/imc_cmd.c:  if(cmd->param[0].len<=4 ||
strncmp(cmd->param[0].s, "sip:", 4)!=0)
modules/speeddial/sdlookup.c:   if(user_s.len<4 || strncmp(user_s.s,
"sip:", 4))
modules/presence/event_list.c:  if(sep && strncmp(sep+1, "winfo", 5)== 0)
modules/presence/publish.c:             if(strncmp(hdr->name.s,
"SIP-If-Match",12)==0||
modules/presence/publish.c:                            
strncmp(hdr->name.s,"Sip-If-Match",12)==0 )
parser/parse_event.c:                           _e->params->name.len== 3
&& strncmp(_e->params->name.s, "sla", 3)== 0 )
parser/sdp/sdp_helpr_funcs.c:   if (strncmp(body->s, "a=rtpmap:", 9) !=0)
{
parser/sdp/sdp_helpr_funcs.c:   if ( !( (strncmp(cp1, "a=sendrecv", 10) ==
0) ||
parser/sdp/sdp_helpr_funcs.c:           (strncmp(cp1, "a=inactive", 10) ==
0) ||
parser/sdp/sdp_helpr_funcs.c:           (strncmp(cp1, "a=recvonly", 10) ==
0) ||
parser/sdp/sdp_helpr_funcs.c:           (strncmp(cp1, "a=sendonly", 10) ==
0) )) {


----------------------------------------------------------------------

Comment By: Bogdan-Andrei Iancu (bogdan_iancu)
Date: 2008-10-28 10:23

Message:
OK - the fix is available on SVN trunk - after some testing, I will prepare
a backport on 1.4.

Thanks and regards,
Bogdan

----------------------------------------------------------------------

Comment By: Bogdan-Andrei Iancu (bogdan_iancu)
Date: 2008-10-28 09:13

Message:
Hi Iñaki,

I agree with this - I will do the changes.

Regards,
Bogdan

----------------------------------------------------------------------

You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=1086410&aid=2202134&group_id=232389

More information about the Devel mailing list