< Previous by Date	Date Index	Next by Date >
< Previous in Thread	Thread Index

Re: [reSIProcate] Parser hang

From: Scott Godin <sgodin@xxxxxxxxxxxxxxx>
Date: Fri, 17 Oct 2014 10:31:05 -0400

Hi Taras,

Nice find! I have modified the fix to just ignore any parameter that is missing a parameter name. The infinite loop is removed by ensuring we advance the parse buffer pointer when keyEnd-keyStart == 0. I will commit this soon as well as a new test case in testParserCategories that triggers the infinite loop in the unfixed code.

Thanks,

Scott Godin

On Fri, Oct 17, 2014 at 9:36 AM, palladin <p-aladin@xxxxxxxxx> wrote:

Dear resiprocate devels,
resiprocate 1.9.2

I have met the situation when some uacs send malformed Authorization header, for example
Authorization: Digest username="000999234",realm="1.1.1.1",nonce="1413544408:b15ee1a80dd75f9db443e2d4feab821b",uri="sip:1.1.1.1",=MD5,response="ef0f8cdc6a75fe810e2ce82a2758f45e".

You may notice that algorithm type is missing. In this case all application hangs inside infinite loop.
Could you please take a look on the patch provided in attachment? Can it be applied to Auth?

Sincerely, Taras.

_______________________________________________
resiprocate-devel mailing list
resiprocate-devel@xxxxxxxxxxxxxxx
https://list.resiprocate.org/mailman/listinfo/resiprocate-devel

References:
- [reSIProcate] Parser hang
  - From: palladin

Prev by Date: [reSIProcate] Parser hang
Next by Date: [reSIProcate] The spelling mistake of marco USE_IPV6
Previous by thread: [reSIProcate] Parser hang
Next by thread: [reSIProcate] The spelling mistake of marco USE_IPV6
Index(es):
- Date
- Thread