[OpenSIPS-Devel] [OpenSIPS/opensips] 4d2361: core: enforce bounds checks on input-derived lengt...
Tristan
noreply at github.com
Wed May 13 12:00:59 UTC 2026
Branch: refs/heads/3.6
Home: https://github.com/OpenSIPS/opensips
Commit: 4d23613b65579b073784a07a65d3bf52443a4efb
https://github.com/OpenSIPS/opensips/commit/4d23613b65579b073784a07a65d3bf52443a4efb
Author: Tristan <1075304+TristanInSec at users.noreply.github.com>
Date: 2026-05-13 (Wed, 13 May 2026)
Changed paths:
M modules/sipmsgops/sipmsgops.c
M msg_translator.c
M net/proto_tcp/tcp_common.h
M parser/parse_body.c
M transformations.c
Log Message:
-----------
core: enforce bounds checks on input-derived lengths (#3888)
- transformations: account for base64 4/3 expansion in b64encode
output length check
- parser/parse_body: validate remaining buffer length before delimiter
comparison in multipart boundary search
- net/proto_tcp: validate Content-Length value before multiplication
to prevent integer wraparound
- sipmsgops: enforce header name length limit in sip_to_json
conversion
- msg_translator: validate total URI length in construct_uri before
writing components
(cherry picked from commit bd32a79eb38429995e30bf7c3859e3ed5b085c49)
To unsubscribe from these emails, change your notification settings at https://github.com/OpenSIPS/opensips/settings/notifications
More information about the Devel
mailing list