Re: [reSIProcate] ParserCategory will accept empty parameters

[Byron Campen <bcampen@xxxxxxxxxxxx>]

	Well, I would argue that at the very least, we need to ensure that  
resip will not re-emit repeated params. If the easiest way to do this  
is to prevent the storage of repeated params in the first place, we  
know what we need to do.

Best regards,
Byron Campen

On Aug 3, 2006, at 7:59 PM, david Butcher wrote:

> Well, it is hard to argue with the code snippet :-),
> but is shouldn't allow more than one instance of each unknown param  
> by name...
>
> Did we decide it was too expensive to track uniqueness of params?
>
> david
>
> On 8/3/06, david Butcher <davidlbutcher@xxxxxxxxx> wrote:
> > Are you sure? I haven't looked lately, but if it did generate a param
> > for empty string, it should store just one, since repeated params are
> > not permitted.
> >
> > david
> >
> > On 8/3/06, Byron Campen <bcampen@xxxxxxxxxxxx> wrote:
> > >
> > >  In ParserCategory::parseParameters(), the following code
> > > will accept empty parameters:
> > >
> > > *snip*
> > >       if (  (!pb.eof() && *pb.position() == Symbols::SEMI_COLON 
> > [0]) )
> > >       {
> > >          // extract the key
> > >          pb.skipChar();
> > >          const char* keyStart = pb.skipWhitespace();
> > >          const char* keyEnd = pb.skipToOneOf(" \t\r\n;=?>");  //! 
> > dlb! @
> > > here?
> > >          ParameterTypes::Type type =
> > > ParameterTypes::getType(keyStart, (keyEnd - keyStart));
> > >          if (type == ParameterTypes::UNKNOWN)
> > >          {
> > >             mUnknownParameters.push_back(new UnknownParameter 
> > (keyStart,
> > >                                                               int 
> > ((keyEnd -
> > > keyStart)), pb, " \t\r\n;?>"));
> > >          }
> > >          else
> > >          {
> > >             // invoke the particular factory
> > >
> > > mParameters.push_back(ParameterTypes::ParameterFactories[type] 
> > (type,
> > > pb, " \t\r\n;?>"));
> > >          }
> > >       }
> > >
> > > *snip*
> > >
> > >  This isn't such a bad thing for a endpoint, but servers MUST  
> > not re-emit
> > > this sort of thing. Also, someone could eat us alive if they  
> > sent traffic
> > > containing stuff like this to us:
> > >
> > > To:
> > >  
> > "Kaboom"<sip:foo@bar;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; 
> > ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;etc...
> > > out to ~64K>
> > >
> > > We'd end up filling a std::vector with around 60K empty Datas  
> > for every
> > > message sent at us.
> > >
> > > Best regards,
> > > Byron Campen
> > > _______________________________________________
> > > resiprocate-devel mailing list
> > > resiprocate-devel@xxxxxxxxxxxxxxxxxxx
> > > https://list.sipfoundry.org/mailman/listinfo/resiprocate-devel
> > >
> > >
> > >

Attachment: smime.p7s
Description: S/MIME cryptographic signature