[reSIProcate] Hardening the parser (what goes into 1.0?)

[Alan Hawrylyshen]

Resending since the list bounced my other reply.
On 8/7/06 10:14 AM, "Byron Campen" <bcampen at estacado.net> wrote:

>>
> Given that the maximum size of a SipMessage is 64K, I think it is  
> safe to assume that a UInt32 will be enough.
>

Where did that assertion come from? We’ve successfully passed 700MB  
MESSAGE requests through a reSIProcate based product before. Don’t  
confuse the MTU for a particular transport with the ‘maximum message  
size’. :-) One thing that is worth considering; adding explicit  
support for a maximum message size (settable by the stack user).  
There are advantages to having a practical max.

Secondly, there were some items you raised that I disagree with;  
Content-Length is important, however when it is in disagreement with  
the transport framing, I think we should believe the transport. (SCTP/ 
UDP/DTLS) in cases where we NEED the CL, then we should pay close  
attention to it (and we do). Again, this is where the concept of a  
maximum sounds reasonable. The parser should consider returning  
reasonable results if the CL field is larger than UINT32_MAX. (What  
would make sense? If the transport needs framing, what would we do?  
The connection would need to read UINT32_MAX+k bytes and we would  
have no mechanism to remember k.)

Should we just close the connection when the CL is larger than our  
max message size? Think about that...

A