[reSIProcate] Timer vulnerability

david Butcher david at purplecomm.com
Mon Apr 4 09:24:50 CDT 2005

Quoting Kenneth Ho <kenho at bluebottle.com>:

This sort of thing has been considered.
Less from a hack perspective than from robustness.

Largely, anyone can get a stack that sends whatever, whenever. So locking down
the client is helpful only if there is a particularly nasty and easy client
hack. Such attacks are always possible so must be dealt with elsewehere
(possibly as well).

There are calendar time functions, such as the Date header.


> We are experiencing users hacking our client software on windows. They 
> do so by manipulating windows system time. Which causes timers to be 
> fired prematurely and incur undesired behavior in the stack.
> As a counter to these hacks, I plan to change Timer::getSystemTime() to 
> use GetTickCount() instead of GetSystemTime() for windows. The drawbacks 
> are:
> 1. The value returned would have less precision. From 1/million second 
> to 1/thousand second, but remain the same unit (1/million second). Which 
> should not be a big deal, at least on Windows anyhow.
> 2. The value returned would not be associated to calendar time anymore. 
> This worries me somewhat, I am not sure if anyone uses this function in 
> such a way.
> Ken
> _______________________________________________
> resiprocate-devel mailing list
> resiprocate-devel at list.sipfoundry.org
> https://list.sipfoundry.org/mailman/listinfo/resiprocate-devel

More information about the resiprocate-devel mailing list