Re: [reSIProcate] Message::operator<<

[Rohan Mahy <rohan@xxxxxxxxx>]

On Jul 15, 2004, at 2:40 PM, david Butcher wrote:

> If we feel that strongly about it, we can do something inside logging.
> Forcing the cost onto the inserter in general seems wrong.

agreed on both counts.

thx,
-r

> david
>
> > -----Original Message-----
> > From: Rohan Mahy [mailto:rohan@xxxxxxxxx]
> > Sent: Thursday, July 15, 2004 2:28 PM
> > To: david Butcher
> > Cc: resiprocate-devel@xxxxxxxxxxxxxxxxxxx; Rohan Mahy
> > Subject: Re: [reSIProcate] Message::operator<<
> >
> >
> > Hey,
> >
> > This really concerns me from a security point of view.  If there is 
> > any
> > chance that an attacker can use a program that just writes out a
> > message to a log (for example) as an attack vector then I think we
> > should pay the performance penalty to protect the app developer.
> >
> > thx,
> > -r
> >
> > On Jul 15, 2004, at 1:19 PM, david Butcher wrote:
> >
> > > Hi all,
> > >
> > > I removed the the call to escaped() in Message::operator<<.
> > > This was an efficiency hit and breaks UTF-8.
> > >
> > > Apps calling only msg->encode(stream) are not exposed to this 
> > > problem.
> > >
> > > We don't deal with %xx encoding on the read side anyway.
> > > I have some ideas about how to deal with this if any one needs to in
> > > the
> > > short term.
> > >
> > > Some of us have been careful to escape when outputting to the log.
> > > This change may reduce logging safety. If you want to encode a 
> > > message
> > > going
> > > to the log,
> > > use << Data::from(*msg).escaped() rather than just << *msg.
> > >
> > > david
> > >
> > > _______________________________________________
> > > resiprocate-devel mailing list
> > > resiprocate-devel@xxxxxxxxxxxxxxxxxxx
> > > https://list.sipfoundry.org/mailman/listinfo/resiprocate-devel