reSIProcate

Mailing Lists

Source Code

Google Search:



< Previous by Date Date Index Next by Date >
< Previous in Thread Thread Index Next in Thread >

Re: [reSIProcate] Message::operator<<

I'm not going to explain it here but there are "bad" (read root compromise)
things that happen on Sun and Linux if you allow the binary content of the
message to get displayed (including stuff that may be valid Unicode). I
recommend we do force logged output to be ascii printable characters one way
or another. 

Cullen


On 7/15/04 4:03 PM, "Rohan Mahy" <rohan@xxxxxxxxx> wrote:

> 
> On Jul 15, 2004, at 2:40 PM, david Butcher wrote:
> 
>> 
>> If we feel that strongly about it, we can do something inside logging.
>> Forcing the cost onto the inserter in general seems wrong.
> 
> agreed on both counts.
> 
> thx,
> -r
> 
>> 
>> david
>> 
>>> -----Original Message-----
>>> From: Rohan Mahy [mailto:rohan@xxxxxxxxx]
>>> Sent: Thursday, July 15, 2004 2:28 PM
>>> To: david Butcher
>>> Cc: resiprocate-devel@xxxxxxxxxxxxxxxxxxx; Rohan Mahy
>>> Subject: Re: [reSIProcate] Message::operator<<
>>> 
>>> 
>>> Hey,
>>> 
>>> This really concerns me from a security point of view.  If there is
>>> any
>>> chance that an attacker can use a program that just writes out a
>>> message to a log (for example) as an attack vector then I think we
>>> should pay the performance penalty to protect the app developer.
>>> 
>>> thx,
>>> -r
>>> 
>>> On Jul 15, 2004, at 1:19 PM, david Butcher wrote:
>>> 
>>>> Hi all,
>>>> 
>>>> I removed the the call to escaped() in Message::operator<<.
>>>> This was an efficiency hit and breaks UTF-8.
>>>> 
>>>> Apps calling only msg->encode(stream) are not exposed to this
>>>> problem.
>>>> 
>>>> We don't deal with %xx encoding on the read side anyway.
>>>> I have some ideas about how to deal with this if any one needs to in
>>>> the
>>>> short term.
>>>> 
>>>> Some of us have been careful to escape when outputting to the log.
>>>> This change may reduce logging safety. If you want to encode a
>>>> message
>>>> going
>>>> to the log,
>>>> use << Data::from(*msg).escaped() rather than just << *msg.
>>>> 
>>>> david
>>>> 
>>>> _______________________________________________
>>>> resiprocate-devel mailing list
>>>> resiprocate-devel@xxxxxxxxxxxxxxxxxxx
>>>> https://list.sipfoundry.org/mailman/listinfo/resiprocate-devel
>>> 
>>> 
> 
> _______________________________________________
> resiprocate-devel mailing list
> resiprocate-devel@xxxxxxxxxxxxxxxxxxx
> https://list.sipfoundry.org/mailman/listinfo/resiprocate-devel