[OpenSIPS-Devel] [OpenSIPS/opensips] 99669a: proto_hep: validate HEPv3 chunk lengths
Răzvan Crainea
noreply at github.com
Tue May 19 15:44:10 UTC 2026
Branch: refs/heads/4.0
Home: https://github.com/OpenSIPS/opensips
Commit: 99669a9019ff3b259ddab969a6657172d25983c9
https://github.com/OpenSIPS/opensips/commit/99669a9019ff3b259ddab969a6657172d25983c9
Author: Razvan Crainea <razvan at opensips.org>
Date: 2026-05-19 (Tue, 19 May 2026)
Changed paths:
M modules/proto_hep/hep.c
Log Message:
-----------
proto_hep: validate HEPv3 chunk lengths
Reject malformed HEPv3 packet and chunk lengths before parsing
chunk-specific data. This prevents zero-length chunks from stalling the
parser loop and avoids length underflow while walking the advertised
packet body.
Reported-by: Haruto Kimura (Stella)
(cherry picked from commit 41756b8a77cdf69bc3aaeb8e88b734a7fa87a26e)
Commit: 06712cb5d9507bbd94aab20e12a56a4576fbce1c
https://github.com/OpenSIPS/opensips/commit/06712cb5d9507bbd94aab20e12a56a4576fbce1c
Author: Razvan Crainea <razvan at opensips.org>
Date: 2026-05-19 (Tue, 19 May 2026)
Changed paths:
M modules/proto_hep/hep.c
M modules/proto_hep/proto_hep.c
Log Message:
-----------
proto_hep: reject HEPv3 frames without payload
Treat HEPv3 packets without a payload chunk as malformed before
callbacks or SIP message parsing can consume the zero-initialized
payload pointer and length. Also route UDP unpacking failures through
the existing cleanup path.
Reported-by: Haruto Kimura (Stella)
(cherry picked from commit 8fd2109b06b9841627965c42852efdc47c8cf5b4)
Commit: 5589fb1cd99f42f278067eb2ee2ec420308ee3c0
https://github.com/OpenSIPS/opensips/commit/5589fb1cd99f42f278067eb2ee2ec420308ee3c0
Author: Razvan Crainea <razvan at opensips.org>
Date: 2026-05-19 (Tue, 19 May 2026)
Changed paths:
M modules/rr/loose.c
Log Message:
-----------
rr: bound maddr URI construction
Reported-by: Haruto Kimura (Stella)
(cherry picked from commit 02ca6f06492fa92d5ae7583908e84b682a0c34a3)
Commit: 626112c9aa60bb3c14afe6d3d5fcd8b30097b4e2
https://github.com/OpenSIPS/opensips/commit/626112c9aa60bb3c14afe6d3d5fcd8b30097b4e2
Author: Razvan Crainea <razvan at opensips.org>
Date: 2026-05-19 (Tue, 19 May 2026)
Changed paths:
M modules/topology_hiding/topo_hiding_logic.c
Log Message:
-----------
topology_hiding: bound encoded contact lengths
Reported-by: Haruto Kimura (Stella)
(cherry picked from commit 4195754ca32c9d7e639a334d8d0550b3c30aa826)
Commit: 61d6152d8a08765197cf0bcec4b9c9570d28258e
https://github.com/OpenSIPS/opensips/commit/61d6152d8a08765197cf0bcec4b9c9570d28258e
Author: Razvan Crainea <razvan at opensips.org>
Date: 2026-05-19 (Tue, 19 May 2026)
Changed paths:
M modules/b2b_entities/dlg.c
Log Message:
-----------
b2b_entities: bound generated RAck headers
Reported-by: Haruto Kimura (Stella)
(cherry picked from commit 7761e3c1e9039d1b6e37ed9c20ee74700a7137a9)
Commit: 5844e56613452f36e655f08cae0102270ca8373e
https://github.com/OpenSIPS/opensips/commit/5844e56613452f36e655f08cae0102270ca8373e
Author: Razvan Crainea <razvan at opensips.org>
Date: 2026-05-19 (Tue, 19 May 2026)
Changed paths:
M modules/b2b_logic/logic.c
Log Message:
-----------
b2b_logic: stop oversized Replaces rewrite
Reported-by: Haruto Kimura (Stella)
(cherry picked from commit 381604899574713d1406210b1b066063a16216ee)
Commit: 0a728fd6e8f4cebecdb42c132dae452b69be7685
https://github.com/OpenSIPS/opensips/commit/0a728fd6e8f4cebecdb42c132dae452b69be7685
Author: Razvan Crainea <razvan at opensips.org>
Date: 2026-05-19 (Tue, 19 May 2026)
Changed paths:
M modules/clusterer/topology.c
Log Message:
-----------
clusterer: bound topology packet counts
Reported-by: Haruto Kimura (Stella)
(cherry picked from commit 93c286af60ad8101d56198d5a0e4a6e6efbe5e52)
Commit: d8ac1ba5b9c581d544ea89c82124463039a63d6c
https://github.com/OpenSIPS/opensips/commit/d8ac1ba5b9c581d544ea89c82124463039a63d6c
Author: Razvan Crainea <razvan at opensips.org>
Date: 2026-05-19 (Tue, 19 May 2026)
Changed paths:
M modules/aaa_diameter/app_opensips/app_opensips.c
Log Message:
-----------
aaa_diameter: bound accounting AVP collection
Reported-by: Haruto Kimura (Stella)
(cherry picked from commit 9c2c5ff8ecb3e43d2f0e495f26d62b99cd04b0fb)
Commit: 73230d7503f1de6df687ea67cfb57cb7f0d2025a
https://github.com/OpenSIPS/opensips/commit/73230d7503f1de6df687ea67cfb57cb7f0d2025a
Author: Razvan Crainea <razvan at opensips.org>
Date: 2026-05-19 (Tue, 19 May 2026)
Changed paths:
M modules/mid_registrar/gruu.c
M modules/mid_registrar/save.c
M modules/registrar/reply.c
Log Message:
-----------
registrar: dinamically grow temporary GRUU buffer
Reported-by: Haruto Kimura (Stella)
(cherry picked from commit 7a51936e08705eec202be5dced2ab3c22bc9fd14)
Commit: a2f621c8a9612e81b7b3e582747c87f9c8e69c53
https://github.com/OpenSIPS/opensips/commit/a2f621c8a9612e81b7b3e582747c87f9c8e69c53
Author: Razvan Crainea <razvan at opensips.org>
Date: 2026-05-19 (Tue, 19 May 2026)
Changed paths:
M sdp_ops.c
Log Message:
-----------
sdp: bound parsed SDP line count
Reported-by: Haruto Kimura (Stella)
(cherry picked from commit 34d244171aa0aba7892c5567708cd4179aebb341)
Commit: ec9f4425e40632030d9cd8c5b2b4e7b99ec50956
https://github.com/OpenSIPS/opensips/commit/ec9f4425e40632030d9cd8c5b2b4e7b99ec50956
Author: Razvan Crainea <razvan at opensips.org>
Date: 2026-05-19 (Tue, 19 May 2026)
Changed paths:
M modules/httpd/httpd_proc.c
M modules/pi_http/http_fnc.c
Log Message:
-----------
pi_http: avoid POST argument OOB access
Reported-by: Haruto Kimura (Stella)
(cherry picked from commit 3ac1244805d96ab5e717a9c5e6c1c3af453efb18)
Commit: 00c434d32c01844b4bd3facf74e8673ec9a2e11a
https://github.com/OpenSIPS/opensips/commit/00c434d32c01844b4bd3facf74e8673ec9a2e11a
Author: Razvan Crainea <razvan at opensips.org>
Date: 2026-05-19 (Tue, 19 May 2026)
Changed paths:
M bin_interface.c
Log Message:
-----------
bin: validate received packet bounds
Reported-by: Haruto Kimura (Stella)
(cherry picked from commit 76b61fefdb0ae125583030be5f999b74756a056c)
Commit: d703b76c749cbed75fe265a344cffa646b3388a1
https://github.com/OpenSIPS/opensips/commit/d703b76c749cbed75fe265a344cffa646b3388a1
Author: Razvan Crainea <razvan at opensips.org>
Date: 2026-05-19 (Tue, 19 May 2026)
Changed paths:
M modules/usrloc/urecord.c
Log Message:
-----------
usrloc: fix cachedb contact match key size
Reported-by: Haruto Kimura (Stella)
(cherry picked from commit 47e027c038d1c699bb1e5ed33731054f58aeffcc)
Commit: d2363d31dc9ebc7a32edd5c4a6c4610acc350373
https://github.com/OpenSIPS/opensips/commit/d2363d31dc9ebc7a32edd5c4a6c4610acc350373
Author: Razvan Crainea <razvan at opensips.org>
Date: 2026-05-19 (Tue, 19 May 2026)
Changed paths:
M modules/proto_smpp/proto_smpp.c
M modules/proto_smpp/smpp.c
M modules/proto_smpp/utils.c
Log Message:
-----------
proto_smpp: harden SMPP string bounds
Reported-by: Haruto Kimura (Stella)
Reported-by: jming912
Fixes #3847
Fixes #3848
(cherry picked from commit ad715b5dc1d5e7aecf27e11839f99d510bdeaea6)
Commit: 4232171dfccec1ef5539cb9f17aae3753993d578
https://github.com/OpenSIPS/opensips/commit/4232171dfccec1ef5539cb9f17aae3753993d578
Author: Razvan Crainea <razvan at opensips.org>
Date: 2026-05-19 (Tue, 19 May 2026)
Changed paths:
M modules/compression/compression.c
M modules/compression/gz_helpers.c
Log Message:
-----------
compression: fix decompression bounds checks
Reported-by: Haruto Kimura (Stella)
(cherry picked from commit e78608619b9ebe7454e0c9ce43e5d56762f9c47a)
Compare: https://github.com/OpenSIPS/opensips/compare/9a8499142c5e...4232171dfcce
To unsubscribe from these emails, change your notification settings at https://github.com/OpenSIPS/opensips/settings/notifications
More information about the Devel
mailing list