[reSIProcate] Content-Length is not taken seriously by SipMessage
Jason Fischl
jason at counterpath.com
Thu Aug 3 10:06:39 CDT 2006
On 8/3/06, Byron Campen <bcampen at estacado.net> wrote:
> When a SipMessage is created, the value in the Content-Length header
> is ignored. Instead, we assume everything that remains in the buffer
> is part of the body, and use that to calculate our Content-Length.
> Technically, we must take the Content-Length header-field-value
> seriously, and ignore/discard any extra bytes. Why aren't we doing this?
>
I assume you are talking specifically about the UDP transport. In the
case of TCP/TLS the content-Length header is required to do framing.
For UDP, since the message comes over a UDP datagram, we know it came
from the sender. There is a DOS attack possible here where you could
send a 64k datagram but the same attack is possible if you send a 64k
datagram with a 64k Content-Length. A solution to this is to simply
limit the maximum size of UDP packet that can be received, scanned and
parsed.
More information about the resiprocate-devel
mailing list