[OpenSIPS-Devel] [ opensips-Bugs-3571806 ] Non-printable Characters in Via Host

SourceForge.net noreply at sourceforge.net
Mon Oct 22 21:26:09 CEST 2012


Bugs item #3571806, was opened at 2012-09-25 23:25
Message generated for change (Comment added) made by dmsanders
You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=1086410&aid=3571806&group_id=232389

Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: core
Group: 1.8.x
Status: Open
Resolution: Fixed
Priority: 5
Private: No
Submitted By: David Sanders (dmsanders)
Assigned to: Bogdan-Andrei Iancu (bogdan_iancu)
Summary: Non-printable Characters in Via Host

Initial Comment:
RFC 3261 doesn't allow non-printable characters (minus CRLF ending the Via header) in the host portion of the Via header.

However, OpenSIPs seems to tolerate them. PJSIP has a bug that sends gibberish for a host in the Via on some unregisters. This is tolerated by OpenSIPs on receive, but causes issues later on in the reply, which goes out with a blank host. In particular nat_traversal can't parse the reply because the host is blank.

It seems that the parsing of the Via header should be tightened to only allow printable characters as a host.

----------------------------------------------------------------------

>Comment By: David Sanders (dmsanders)
Date: 2012-10-22 12:26

Message:
Hi Bogdan,

I've tested the patch you provided, and it successfully detects the type of
bogus VIAs I was seeing.

However, it doesn't trigger the "error_route" I have in the OpenSIPS
script, so I'm not able to send a response to the malformed REGISTER which
had the bad VIA. This leads to the client retrying the bad message several
times.

Would it be possible for this parsing error to jump to the "error_route" so
that I can respond with a 400 to the REGISTER and stop the
retransmissions?

- David

----------------------------------------------------------------------

Comment By: Bogdan-Andrei Iancu (bogdan_iancu)
Date: 2012-10-21 02:47

Message:
Hi David,

Here is a patch to address this problem - I did some first testing on my
side, but give it a try too - I want to be 100% sure first it does not
break anything and second it detects the kind of bogus VIA you have.

Thanks and regards,
Bogdan

----------------------------------------------------------------------

Comment By: David Sanders (dmsanders)
Date: 2012-10-12 14:02

Message:
Here you go Bogdan.

I took the example out of the sip_trace table in our MySQL database. Thoe
host is gibberish but the port number is OK. OpenSIPS doesn't complain
about parsing errors until it is sending the 401 response.

REGISTER sip:19192972172 at 72.215.176.13:5060 SIP/2.0
Via: SIP/2.0/UDP ‰¡read   
:13611;rport;branch=z9hG4bKPjBb-CLCWWBdliGJLBdVQq5L3VvfyD3QGt
Max-Forwards: 69
From: <sip:19192972172 at 72.215.176.13>;tag=6g8qHX7UCoq0klHC5y8FcEoEqOqGIMIl
To: <sip:19192972172 at 72.215.176.13>
Call-ID: DwRnHUucA06j2QdrYIFaKnrkuYpnZ0As
CSeq: 51957 REGISTER
Contact:
<sip:19192972172 at 72.215.176.1:13611;transport=UDP;rinstance=30b85fb46d764d69>
Expires: 0
Authorization: Digest username="19192972172", realm="72.215.176.13",
nonce="50783011000007583df53abb709e661070948fd84a90f378",
uri="sip:19192972172 at 72.215.176.13:5060",
response="99c332dcb3b20051391f0e589f203983"
Content-Length:  0

                                                                           
                                                                           
                                   SIP/2.0 401 Unauthorized
Via: SIP/2.0/UDP ;received=72.215.176.1;rport=13611‰¡read
From: <sip:19192972172 at 72.215.176.13>;tag=6g8qHX7UCoq0klHC5y8FcEoEqOqGIMIl
To:
<sip:19192972172 at 72.215.176.13>;tag=9ee60da17230fa4987e498ef1c101576.0000
Call-ID: DwRnHUucA06j2QdrYIFaKnrkuYpnZ0As
CSeq: 51957 REGISTER
WWW-Authenticate: Digest realm="72.215.176.13",
nonce="507830240000075ff0bbdb222655467b236709b177002a39", stale=true
Server: Pinger.com PROXY 1.8
Content-Length: 0


----------------------------------------------------------------------

Comment By: Bogdan-Andrei Iancu (bogdan_iancu)
Date: 2012-10-12 06:57

Message:
David, could you post here such a bogus VIA ?

Thanks

----------------------------------------------------------------------

You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=1086410&aid=3571806&group_id=232389



More information about the Devel mailing list