[OpenSIPS-Devel] [OpenSIPS/opensips] 5f103e: core: enforce bounds checks on input-derived lengt...
Tristan
noreply at github.com
Wed May 13 12:00:57 UTC 2026
Branch: refs/heads/4.0
Home: https://github.com/OpenSIPS/opensips
Commit: 5f103effaf5f372cccffe0b138f16998eba12668
https://github.com/OpenSIPS/opensips/commit/5f103effaf5f372cccffe0b138f16998eba12668
Author: Tristan <1075304+TristanInSec at users.noreply.github.com>
Date: 2026-05-13 (Wed, 13 May 2026)
Changed paths:
M modules/sipmsgops/sipmsgops.c
M msg_translator.c
M net/proto_tcp/tcp_common.h
M parser/parse_body.c
M transformations.c
Log Message:
-----------
core: enforce bounds checks on input-derived lengths (#3888)
- transformations: account for base64 4/3 expansion in b64encode
output length check
- parser/parse_body: validate remaining buffer length before delimiter
comparison in multipart boundary search
- net/proto_tcp: validate Content-Length value before multiplication
to prevent integer wraparound
- sipmsgops: enforce header name length limit in sip_to_json
conversion
- msg_translator: validate total URI length in construct_uri before
writing components
(cherry picked from commit bd32a79eb38429995e30bf7c3859e3ed5b085c49)
To unsubscribe from these emails, change your notification settings at https://github.com/OpenSIPS/opensips/settings/notifications
More information about the Devel
mailing list