< Previous by Date Date Index Next by Date >
  Thread Index Next in Thread >

[reSIProcate] [resiprocate] Fix for a buffer management bug in parsing frames from a websocket. (#26)


In buffer management/parsing, turns out that if you had a piece of a SIP
packet in the previous buffer (input), and in the current one the remainder
of that packet and another one, it will just copy until the end of input,
instead of just the needed length.

The calculations were also done at the wrong place, they had to be done after
the allocation of the new buffer.

The bug meant that:

Also, it was more pronounced with TLS.

A way to reproduce this on the original repro is to create a stream with the HTTP upgrade request in the beginning and some SIP packets after that (I did it with 20k file), and just sending it with something like
cat req | (sleep 2; telnet repro 5066)
would crash the server.


You can view, comment on, or merge this pull request online at:

  https://github.com/resiprocate/resiprocate/pull/26

Commit Summary

File Changes

Patch Links:


Reply to this email directly or view it on GitHub.