
[reSIProcate] No end-double-quote (RDQUOT) in multi-value fields silently dropped


Hi,

1) Synopsis
resip silently drops any multi-value fields, such as Call-Info and Warning,
that have an open d-quote with *no* close d-quote, inadvertently or
otherwise. E.g.

Call-Info: <bob@xxxxxxxxxxx>;METHOD="NOTIFY;param1=;param2=\r\n
Warning: 399 devnull "bad happened\r\n

Try it yourself.

Granted the above examples violate the ABNF grammar, but shouldn't the stack
respond or allow the client to respond with something like 400 to suppress
retransmission ??


2) The problem
If the method MsgHeaderScanner.scanChunk fails (with scrError), as the code
fragment below shows, resip stack silently discards the message.

void
UdpTransport::process(FdSet& fdset)
{
...
      if (mMsgHeaderScanner.scanChunk(buffer, len, &unprocessedCharPtr) != MsgHeaderScanner::scrEnd)
      {
         StackLog(<<"Scanner rejecting datagram as unparsable / fragmented from " << tuple);
         StackLog(<< Data(buffer, len));
         delete message; 
         message=0; 
         return;
      }
...
}


3) Suggested resolution

Treat the CR as if it contained the implicit close DQUOTE. In other words,
change the state-machine of MsgHeaderScanner to transition to the *same*
state that would have occurred had the double quote been there. This will, at
least, allow the higher layers to deal with it as deemed necessary.

For your convenience, here's the state diagram (script and image form) of
msg-header-scanner obtained from MsgHeaderScanner.dumpStateMachine:
msg-header-scanner.dot:
http://download.counterpath.com/dl.php?RemoteID=d035ef0b0d0eca8d47c33cc03bb63b49
msg-header-scanner.jpg:
http://download.counterpath.com/dl.php?RemoteID=4202cbea38716957b71670b0fa4472d6

Here's the patch:

Index: MsgHeaderScanner.cxx
===================================================================
--- MsgHeaderScanner.cxx        (revision 7149)
+++ MsgHeaderScanner.cxx        (working copy)
@@ -370,7 +370,7 @@
    specTransition(sScanNValueInQuotes,
                   ccCarriageReturn,
                   taNone,
-                  sHalfLineBreakInQuotesInNValue);
+                  sHalfLineBreakInNValue);
    specDefaultTransition(sAfterEscCharInQuotesInNValue,
                          taNone,
                          sScanNValueInQuotes);
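
Review bot: The new target on the ccCarriageReturn transition out of sScanNValueInQuotes drops the in-quotes context on every CR, not only when the closing quote is missing, so a quoted value that continues on a folded line is scanned as unquoted from the fold onward and its real closing quote then opens a new quoted run. Because the action stays taNone, nothing records that the quote was closed implicitly, so upper layers cannot tell a malformed header from a well-formed one and cannot choose to answer 400. Consider keeping sHalfLineBreakInQuotesInNValue for the folded case and falling back to sHalfLineBreakInNValue only when no continuation follows the line break, or at least flag the implicit close; if the state is meant to go, remove its remaining transitions in the same change and add test inputs for the unterminated and the folded quoted value.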

4) Consequence
The consequence is that this now renders the state:
'sHalfLineBreakInQuotesInNValue' obsolete/unreachable. And you can no longer
do this:

Warning: 399 devnull "bad happened\r\n
        in SDP of\r\n
your INVITE"\r\n

I'm no grammar expert, but is breaking such HFV above legal ??


5) Concerns of my suggested resolution?? Other ideas/comments???

Van.
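
Added example, not part of the original message and not reSIProcate code: a simplified C++ model of the quote handling discussed above, comparing the current behaviour with the proposed one on an unterminated and on a folded quoted Warning value. The state names, scanHeaders, implicitCloses and the sample inputs are assumptions constructed for illustration; only scrEnd and scrError are names taken from the post.

```cpp
#include <cstdio>
#include <string>
// Simplified model of quote handling in a header scanner. NOT reSIProcate's
// transition table: states, scanHeaders and implicitCloses are illustrative,
// and the sample input in main() is constructed.
enum Result { scrEnd, scrError };
struct Scan { Result result; int implicitCloses; };

// crClosesQuote=false: a CR inside quotes keeps the in-quotes context.
// crClosesQuote=true:  a CR inside quotes acts as an implicit closing DQUOTE.
Scan scanHeaders(const std::string& msg, bool crClosesQuote)
{
   enum State { Value, InQuotes, AfterEsc, HalfBreak, HalfBreakQ,
                AfterBreak, AfterBreakQ, HalfEnd };
   State s = Value;
   int n = 0;  // quotes closed by a CR instead of a DQUOTE
   for (char c : msg)
   {
      switch (s)
      {
         case Value:
            s = (c == '"') ? InQuotes : (c == '\r') ? HalfBreak : Value; break;
         case InQuotes:
            if (c == '"') s = Value;
            else if (c == '\\') s = AfterEsc;
            else if (c == '\r' && crClosesQuote) { s = HalfBreak; ++n; }
            else if (c == '\r') s = HalfBreakQ;
            break;
         case AfterEsc: s = InQuotes; break;
         case HalfBreak:
         case HalfBreakQ:
            if (c != '\n') return {scrError, n};
            s = (s == HalfBreak) ? AfterBreak : AfterBreakQ; break;
         case AfterBreak:   // folded line, next header, or end of headers
            s = (c == '\r') ? HalfEnd : Value; break;
         case AfterBreakQ:  // inside quotes only a folded line may follow
            if (c != ' ' && c != '\t') return {scrError, n};
            s = InQuotes; break;
         case HalfEnd:
            return {c == '\n' ? scrEnd : scrError, n};
      }
   }
   return {scrError, n};  // data ended before the blank line
}

int main()
{
   Scan r = scanHeaders("Warning: 399 devnull \"bad happened\r\n\r\n", true);
   std::printf("result=%d implicitCloses=%d\n", r.result, r.implicitCloses);
}
```

In this model the folded value still scans to scrEnd with the CR rule enabled, but implicitCloses is 2 because the real closing quote is taken as a new opening quote; a nonzero count is the signal an upper layer could use to answer 400.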
