[OpenSIPS-Devel] [OpenSIPS/opensips] 11a09c: proto_hep: validate HEPv3 chunk lengths
Răzvan Crainea
noreply at github.com
Tue May 19 15:44:23 UTC 2026
Branch: refs/heads/3.6
Home: https://github.com/OpenSIPS/opensips
Commit: 11a09c71f52adca2e54ed67ce9e7ffb234f176e8
https://github.com/OpenSIPS/opensips/commit/11a09c71f52adca2e54ed67ce9e7ffb234f176e8
Author: Razvan Crainea <razvan at opensips.org>
Date: 2026-05-19 (Tue, 19 May 2026)
Changed paths:
M modules/proto_hep/hep.c
Log Message:
-----------
proto_hep: validate HEPv3 chunk lengths
Reject malformed HEPv3 packet and chunk lengths before parsing
chunk-specific data. This prevents zero-length chunks from stalling the
parser loop and avoids length underflow while walking the advertised
packet body.
Reported-by: Haruto Kimura (Stella)
(cherry picked from commit 41756b8a77cdf69bc3aaeb8e88b734a7fa87a26e)
Commit: 789281285aceaee521b42c2a7737a886b82a9713
https://github.com/OpenSIPS/opensips/commit/789281285aceaee521b42c2a7737a886b82a9713
Author: Razvan Crainea <razvan at opensips.org>
Date: 2026-05-19 (Tue, 19 May 2026)
Changed paths:
M modules/proto_hep/hep.c
M modules/proto_hep/proto_hep.c
Log Message:
-----------
proto_hep: reject HEPv3 frames without payload
Treat HEPv3 packets without a payload chunk as malformed before
callbacks or SIP message parsing can consume the zero-initialized
payload pointer and length. Also route UDP unpacking failures through
the existing cleanup path.
Reported-by: Haruto Kimura (Stella)
(cherry picked from commit 8fd2109b06b9841627965c42852efdc47c8cf5b4)
Commit: 11ab0a0953edaccba4b05eadd730f6ed8742a84d
https://github.com/OpenSIPS/opensips/commit/11ab0a0953edaccba4b05eadd730f6ed8742a84d
Author: Razvan Crainea <razvan at opensips.org>
Date: 2026-05-19 (Tue, 19 May 2026)
Changed paths:
M modules/rr/loose.c
Log Message:
-----------
rr: bound maddr URI construction
Reported-by: Haruto Kimura (Stella)
(cherry picked from commit 02ca6f06492fa92d5ae7583908e84b682a0c34a3)
Commit: 9148a16f6bf1203cbc4822895dda49c48d66586e
https://github.com/OpenSIPS/opensips/commit/9148a16f6bf1203cbc4822895dda49c48d66586e
Author: Razvan Crainea <razvan at opensips.org>
Date: 2026-05-19 (Tue, 19 May 2026)
Changed paths:
M modules/topology_hiding/topo_hiding_logic.c
Log Message:
-----------
topology_hiding: bound encoded contact lengths
Reported-by: Haruto Kimura (Stella)
(cherry picked from commit 4195754ca32c9d7e639a334d8d0550b3c30aa826)
Commit: e7a0377d176fdfa94e23eb17333bafe309edbd21
https://github.com/OpenSIPS/opensips/commit/e7a0377d176fdfa94e23eb17333bafe309edbd21
Author: Razvan Crainea <razvan at opensips.org>
Date: 2026-05-19 (Tue, 19 May 2026)
Changed paths:
M modules/b2b_entities/dlg.c
Log Message:
-----------
b2b_entities: bound generated RAck headers
Reported-by: Haruto Kimura (Stella)
(cherry picked from commit 7761e3c1e9039d1b6e37ed9c20ee74700a7137a9)
Commit: 8fe61f9a9322fb754c7b074265728a16f556b50c
https://github.com/OpenSIPS/opensips/commit/8fe61f9a9322fb754c7b074265728a16f556b50c
Author: Razvan Crainea <razvan at opensips.org>
Date: 2026-05-19 (Tue, 19 May 2026)
Changed paths:
M modules/b2b_logic/logic.c
Log Message:
-----------
b2b_logic: stop oversized Replaces rewrite
Reported-by: Haruto Kimura (Stella)
(cherry picked from commit 381604899574713d1406210b1b066063a16216ee)
Commit: 83c02c65d433460d7329696e7075d0a6e0ff2a99
https://github.com/OpenSIPS/opensips/commit/83c02c65d433460d7329696e7075d0a6e0ff2a99
Author: Razvan Crainea <razvan at opensips.org>
Date: 2026-05-19 (Tue, 19 May 2026)
Changed paths:
M modules/clusterer/topology.c
Log Message:
-----------
clusterer: bound topology packet counts
Reported-by: Haruto Kimura (Stella)
(cherry picked from commit 93c286af60ad8101d56198d5a0e4a6e6efbe5e52)
Commit: 570076257e3f804f291c2584d571c9232285a9da
https://github.com/OpenSIPS/opensips/commit/570076257e3f804f291c2584d571c9232285a9da
Author: Razvan Crainea <razvan at opensips.org>
Date: 2026-05-19 (Tue, 19 May 2026)
Changed paths:
M modules/aaa_diameter/app_opensips/app_opensips.c
Log Message:
-----------
aaa_diameter: bound accounting AVP collection
Reported-by: Haruto Kimura (Stella)
(cherry picked from commit 9c2c5ff8ecb3e43d2f0e495f26d62b99cd04b0fb)
Commit: 85da0c33a140e020f97a3bc95b457c835934680e
https://github.com/OpenSIPS/opensips/commit/85da0c33a140e020f97a3bc95b457c835934680e
Author: Razvan Crainea <razvan at opensips.org>
Date: 2026-05-19 (Tue, 19 May 2026)
Changed paths:
M modules/mid_registrar/gruu.c
M modules/mid_registrar/save.c
M modules/registrar/reply.c
Log Message:
-----------
registrar: dinamically grow temporary GRUU buffer
Reported-by: Haruto Kimura (Stella)
(cherry picked from commit 7a51936e08705eec202be5dced2ab3c22bc9fd14)
Commit: 245c8ad107dc12f000984b78e774cf0ec6115355
https://github.com/OpenSIPS/opensips/commit/245c8ad107dc12f000984b78e774cf0ec6115355
Author: Razvan Crainea <razvan at opensips.org>
Date: 2026-05-19 (Tue, 19 May 2026)
Changed paths:
M sdp_ops.c
Log Message:
-----------
sdp: bound parsed SDP line count
Reported-by: Haruto Kimura (Stella)
(cherry picked from commit 34d244171aa0aba7892c5567708cd4179aebb341)
Commit: ba31dfae3c3899813ee8554b482cd583501d1951
https://github.com/OpenSIPS/opensips/commit/ba31dfae3c3899813ee8554b482cd583501d1951
Author: Razvan Crainea <razvan at opensips.org>
Date: 2026-05-19 (Tue, 19 May 2026)
Changed paths:
M modules/httpd/httpd_proc.c
M modules/pi_http/http_fnc.c
Log Message:
-----------
pi_http: avoid POST argument OOB access
Reported-by: Haruto Kimura (Stella)
(cherry picked from commit 3ac1244805d96ab5e717a9c5e6c1c3af453efb18)
Commit: 33f46829150ecd4aac44e4315646d0c7b1387977
https://github.com/OpenSIPS/opensips/commit/33f46829150ecd4aac44e4315646d0c7b1387977
Author: Razvan Crainea <razvan at opensips.org>
Date: 2026-05-19 (Tue, 19 May 2026)
Changed paths:
M bin_interface.c
Log Message:
-----------
bin: validate received packet bounds
Reported-by: Haruto Kimura (Stella)
(cherry picked from commit 76b61fefdb0ae125583030be5f999b74756a056c)
Commit: aa3b1bec048faa9491d995d0f6f07423a4847858
https://github.com/OpenSIPS/opensips/commit/aa3b1bec048faa9491d995d0f6f07423a4847858
Author: Razvan Crainea <razvan at opensips.org>
Date: 2026-05-19 (Tue, 19 May 2026)
Changed paths:
M modules/usrloc/urecord.c
Log Message:
-----------
usrloc: fix cachedb contact match key size
Reported-by: Haruto Kimura (Stella)
(cherry picked from commit 47e027c038d1c699bb1e5ed33731054f58aeffcc)
Commit: dc241fb0062b7985fd539a40f12b516fe4dadd1b
https://github.com/OpenSIPS/opensips/commit/dc241fb0062b7985fd539a40f12b516fe4dadd1b
Author: Razvan Crainea <razvan at opensips.org>
Date: 2026-05-19 (Tue, 19 May 2026)
Changed paths:
M modules/proto_smpp/proto_smpp.c
M modules/proto_smpp/smpp.c
M modules/proto_smpp/utils.c
Log Message:
-----------
proto_smpp: harden SMPP string bounds
Reported-by: Haruto Kimura (Stella)
Reported-by: jming912
Fixes #3847
Fixes #3848
(cherry picked from commit ad715b5dc1d5e7aecf27e11839f99d510bdeaea6)
Commit: b23299a8352a0967dc338656e150c9b2722b716f
https://github.com/OpenSIPS/opensips/commit/b23299a8352a0967dc338656e150c9b2722b716f
Author: Razvan Crainea <razvan at opensips.org>
Date: 2026-05-19 (Tue, 19 May 2026)
Changed paths:
M modules/compression/compression.c
M modules/compression/gz_helpers.c
Log Message:
-----------
compression: fix decompression bounds checks
Reported-by: Haruto Kimura (Stella)
(cherry picked from commit e78608619b9ebe7454e0c9ce43e5d56762f9c47a)
Compare: https://github.com/OpenSIPS/opensips/compare/784938e42c8d...b23299a8352a
To unsubscribe from these emails, change your notification settings at https://github.com/OpenSIPS/opensips/settings/notifications
More information about the Devel
mailing list