[reSIProcate] crash on mailformed From field.

roman.romanchenko at portaone.com roman.romanchenko at portaone.com
Sun Mar 17 14:54:52 CDT 2013 

Dear developers,

I'm not sure where the ParseException thrown during the call of 
getTransactionId() is catched.

1. Inside ParseBuffer, ParseException catched, then fail() called, and 
ParseException thrown again.
2. SipMessage class does not catch ParseException or it's base.
3. TransactionState::process calls getTransactionId() and catches 
SipMessage::Exception but not ParseException.
4. moving up through the call stack it is also not catch by 
TransactionController or TransactionControllerThread. So can be catch by 
my application level only, that is actually is not so good, to break the 
thread on such malformed fields like I have provided in first post.

I have implemented simple workaround to catch ParseException right 
after catch (SipMessage::Exception) block in 
TransactionState::process().
On the moment of catch it is even not ready to answer with "Bad 
Request" or something like this. So I just delete message, write error 
message to log and return from process().

But I'm interesting in some kind of "official" solution here, or just 
estimation when it can be released.

Thanks.


On Thu, 14 Mar 2013 08:23:04 -0700, Byron Campen wrote:
> A couple of potential causes; terminate can be called when an
> exception specification is violated, or if another exception is 
> thrown
> while the first is propogating (usually caused by a throw inside a
> destructor, which is why throwing inside a destructor is generally a
> bad idea).
>
> Best regards,
>  Byron Campen
> On Mar 14, 2013 7:04 AM,  wrote:
>
>> Dear resiprocate devels.
>>
>> I have the following issue.
>>
>> resiprocate 1.8.5
>>
>> On receiving the first REGISTER message with mailformed From field
>> included extra space before ">", my application based on resiprocate
>> crashes into core.
>> Here is an example: From:
>>
>> I expect that TransactionState::process would handle this in place
>> where calling getTransactionId() and print something to log or call
>> handleBadRequest()
>>
>> Please advice.
>>
>> Many thanks.
>>
>> gdb stack for more details:
>>
>> #0  0x0000003c524328a5 in raise () from /lib64/libc.so.6
>> #1  0x0000003c52434085 in abort () from /lib64/libc.so.6
>> #2  0x0000003c554bea5d in __gnu_cxx::__verbose_terminate_handler()
>> () from /usr/lib64/libstdc++.so.6
>> #3  0x0000003c554bcbe6 in ?? () from /usr/lib64/libstdc++.so.6
>> #4  0x0000003c554bcc13 in std::terminate() () from
>> /usr/lib64/libstdc++.so.6
>> #5  0x0000003c554bcd0e in __cxa_throw () from
>> /usr/lib64/libstdc++.so.6
>> #6  0x0000003c5d63fb8a in resip::ParseBuffer::fail
>> (this=0x7f5cf3ffe180, file=0x3c5d66493f "ParseBuffer.cxx", line=62,
>> detail=) at ParseBuffer.cxx:964
>> #7  0x0000003c5d6406bc in resip::ParseBuffer::skipChar
>> (this=0x7f5cf3ffe180, c=62 >) at ParseBuffer.cxx:62
>> #8  0x0000003c5eedbaf9 in resip::NameAddr::parse
>> (this=0x7f5c5d96ba60, pb=...) at NameAddr.cxx:241
>> #9  0x0000003c5ef27d9c in resip::LazyParser::doParse (this=) at
>> LazyParser.cxx:79
>> #10 0x0000003c5eed6af0 in checkParsed (this=0x7f5c5d96ba60,
>> paramType=...) at ../../resip/stack/LazyParser.hxx:106
>> #11 resip::NameAddr::exists (this=0x7f5c5d96ba60, paramType=...) at
>> NameAddr.cxx:434
>> #12 0x0000003c5ef61266 in
>> resip::SipMessage::compute2543TransactionHash (this=0x7f5c5d96b4c0)
>> at SipMessage.cxx:424
>> #13 0x0000003c5ef61e28 in resip::SipMessage::getTransactionId
>> (this=0x7f5c5d96b4c0) at SipMessage.cxx:357
>> #14 0x0000003c5ef8641a in resip::TransactionState::process
>> (controller=..., message=0x7f5c5d96b4c0) at TransactionState.cxx:468
>> #15 0x0000003c5ef77720 in resip::TransactionController::process
>> (this=0x563ffa0, timeout=) at TransactionController.cxx:141
>> #16 0x0000003c5ef69f81 in
>> resip::TransactionControllerThread::thread (this=0x3e81460) at
>> ../../resip/stack/TransactionControllerThread.hxx:30
>> #17 0x0000003c5d646e3a in threadIfThreadWrapper (threadParm=) at
>> ThreadIf.cxx:51
>> #18 0x0000003c52c07851 in start_thread () from
>> /lib64/libpthread.so.0
>> #19 0x0000003c524e811d in clone () from /lib64/libc.so.6
>>
>> _______________________________________________
>> resiprocate-devel mailing list
>> resiprocate-devel at resiprocate.org [2]
>> https://list.resiprocate.org/mailman/listinfo/resiprocate-devel [3]
>
>
> Links:
> ------
> [1] mailto:sip%3AXXXXX at sip.test.com
> [2] mailto:resiprocate-devel at resiprocate.org
> [3] https://list.resiprocate.org/mailman/listinfo/resiprocate-devel
> [4] mailto:roman.romanchenko at portaone.com

More information about the resiprocate-devel mailing list