< Previous by Date | Date Index | Next by Date > |
< Previous in Thread | Thread Index |
Best regards, Byron Campen
I'm running on 1.0.2. I had a quick look with the code browser if this was fixed, but apparently I missed it.sorry for the trouble Björn Byron Campen wrote:What revision are you working with? This had already been fixed on head I thought.Best regards, Byron CampenHi, We have run test with the Codenomicon test tool. It sends a BYE (tcp transport) with an unreasonable Content-Length: INVITE sip:user@xxxxxxxxxxxxxx SIP/2.0 To: <sip:user@xxxxxxxxxxxxxx> From: "user" <sip:user@xxxxxxxxxxxxxxxx:5060>;tag=00007359Via: SIP/2.0/UDP from.example.com: 5060;branch=z9hG4bK7359t1180001580949Call-ID: s0c00007359i0t1180001580949@xxxxxxxxxxxxxxxx Contact: "user" <sip:user@xxxxxxxxxxxxxxxx;transport=udp> Content-Length: 1073741823 Content-Type: application/sdp CSeq: 7359 INVITE Max-Forwards: 70 v=0 o=user 1 1 IN IP4 192.168.2.44 s=Codenomicon SIP UAS Test Tool 3.2 (http://www.codenomicon.com/) c=IN IP4 192.168.2.44 t=0 0 m=audio 49158 RTP/AVP 0 a=rtpmap:0 PCMU/8000This causes a bad_alloc exception in ConnetionBase.cxx, so I've done apatch to do some kind of check if size is reasonable. best regards Björn --- ConnectionBase.cxx.orig 2008-03-07 08:59:33.000000000 +0100 +++ ConnectionBase.cxx 2008-03-07 09:01:25.000000000 +0100 @@ -197,6 +197,8 @@ { // The message header is complete.contentLength=mMessage->header (h_ContentLength).value();+ if (contentLength > 65565) + throw resip::ParseBuffer::Exception("unreasonable length", "Content-Length", __FILE__, __LINE__); } catch(resip::ParseException& e) { @@ -295,6 +297,8 @@ try {contentLength = mMessage->header (h_ContentLength).value();+ if (contentLength > 65565) + throw resip::ParseBuffer::Exception("unreasonable length", "Content-Length", __FILE__, __LINE__); } catch(resip::ParseException& e) { --This communication is confidential and intended solely for the addressee(s). Any unauthorized review, use, disclosure or distribution is prohibited. If you believe this message has been sent to you in error, please notify the sender by replying to this transmission and delete the message without disclosing it. Thank you. E-mail including attachments is susceptible to data corruption, interruption, unauthorized amendment, tampering and viruses, and we only send and receive e-mails on the basis that we are not liable for any such corruption, interception, amendment, tampering or viruses or any consequences thereof._______________________________________________ resiprocate-devel mailing list resiprocate-devel@xxxxxxxxxxxxxxx https://list.resiprocate.org/mailman/listinfo/resiprocate-devel--This communication is confidential and intended solely for the addressee(s). Any unauthorized review, use, disclosure or distribution is prohibited. If you believe this message has been sent to you in error, please notify the sender by replying to this transmission and delete the message without disclosing it. Thank you. E-mail including attachments is susceptible to data corruption, interruption, unauthorized amendment, tampering and viruses, and we only send and receive e-mails on the basis that we are not liable for any such corruption, interception, amendment, tampering or viruses or any consequences thereof.
Attachment:
smime.p7s
Description: S/MIME cryptographic signature