| < Previous by Date | Date Index | Next by Date > |
| Thread Index | Next in Thread > |
[reSIProcate] [resiprocate] Fix for a buffer management bug in parsing frames from a websocket. (#26)
- From: Vasil Kolev <notifications@xxxxxxxxxx>
- Date: Thu, 03 Sep 2015 23:10:50 -0700
In buffer management/parsing, turns out that if you had a piece of a SIP
packet in the previous buffer (input), and in the current one the remainder
of that packet and another one, it will just copy until the end of input,
instead of just the needed length.
The calculations were also done at the wrong place, they had to be done after
the allocation of the new buffer.
The bug meant that:
- Some packets were getting eaten, resulting in random disconnections and other dropped events;
- Sometimes repro would crash;
- Or, if compiled with ASAN, it would always crash.
Also, it was more pronounced with TLS.
A way to reproduce this on the original repro is to create a stream with the HTTP upgrade request in the beginning and some SIP packets after that (I did it with 20k file), and just sending it with something like
cat req | (sleep 2; telnet repro 5066)
would crash the server.
You can view, comment on, or merge this pull request online at:
https://github.com/resiprocate/resiprocate/pull/26
Commit Summary
- Fix for a buffer management bug in parsing frames from a websocket.
File Changes
Patch Links:
- https://github.com/resiprocate/resiprocate/pull/26.patch
- https://github.com/resiprocate/resiprocate/pull/26.diff
—
Reply to this email directly or view it on GitHub.
- Follow-Ups:
- Prev by Date: Re: [reSIProcate] The use of Data Class
- Next by Date: Re: [reSIProcate] [resiprocate] Fix for a buffer management bug in parsing frames from a websocket. (#26)
- Previous by thread: Re: [reSIProcate] The use of Data Class
- Next by thread: Re: [reSIProcate] [resiprocate] Fix for a buffer management bug in parsing frames from a websocket. (#26)
- Index(es):