[OpenSIPS-Devel] [OpenSIPS/opensips] f1f67d: Improve robustness of core URI copying functions
Liviu Chircu
liviu at opensips.org
Thu Mar 24 22:03:38 CET 2016
Branch: refs/heads/2.1
Home: https://github.com/OpenSIPS/opensips
Commit: f1f67d99d3cac828e270c69ca5295c2d89fe13be
https://github.com/OpenSIPS/opensips/commit/f1f67d99d3cac828e270c69ca5295c2d89fe13be
Author: Liviu Chircu <liviu at opensips.org>
Date: 2016-03-24 (Thu, 24 Mar 2016)
Changed paths:
M parser/msg_parser.c
M serialize.c
Log Message:
-----------
Improve robustness of core URI copying functions
Namely set_ruri(), set_dst_uri(), set_path_vector().
This patch corrects the behaviour of the above functions when they are
fed strange/corrupt strings, such as {NULL, 5} or {0x7fb..., 0}.
There are still plenty of pieces of OpenSIPS code which assume such
strings should be correctly processed, e.g. next_branches(), which may
lead to a whole world of problems ranging from segfaults, double free
operations and dangling pointers all the way up to intermixed shm/pkg
memory pointers.
The best way of addressing this issue is to simply accept such input and
zeroize (and free) the concerned sip_msg attributes.
Many thanks to Ovidiu Sas <osas at voipembedded.com> for in-depth error
reporting and assistance in fixing this issue
(cherry picked from commit 2787308f68e6ee878dcf710cd7b36992af62aab9)
More information about the Devel
mailing list