sr-dev March 2009

sr-dev@lists.kamailio.org

14 participants
188 discussions

git:master: An update to the methods parser

by Jan Janak

Module: sip-router Branch: master Commit: 28e95087c242a0743fb633ce732e45d1f7d40335 URL: http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commit;h=28e9508… Author: Jan Janak <jan(a)iptel.org> Committer: Jan Janak <jan(a)iptel.org> Date: Tue Mar 31 13:32:31 2009 +0200 An update to the methods parser List if changes: * METHOD_REFER defined in msg_parser.h * Changed the prototype of parse_method to use enum request_type * Define ALL_METHODS macro * Replace METH_* with METHOD_* --- parser/msg_parser.h | 2 +- parser/parse_methods.c | 30 +++++++++++++++--------------- parser/parse_methods.h | 24 +++--------------------- 3 files changed, 19 insertions(+), 37 deletions(-) diff --git a/parser/msg_parser.h b/parser/msg_parser.h index 1b250df..8624035 100644 --- a/parser/msg_parser.h +++ b/parser/msg_parser.h @@ -79,7 +79,7 @@ enum request_method { METHOD_UNDEF=0, METHOD_INVITE=1, METHOD_CANCEL=2, METHOD_ACK=4, METHOD_BYE=8, METHOD_INFO=16, METHOD_REGISTER=32, METHOD_SUBSCRIBE=64, METHOD_NOTIFY=128, METHOD_MESSAGE=256, METHOD_OPTIONS=512, - METHOD_PRACK=1024, METHOD_UPDATE=2048, METHOD_OTHER=4096 }; + METHOD_PRACK=1024, METHOD_UPDATE=2048, METHOD_REFER = 4096, METHOD_OTHER=8192 }; #define FL_FORCE_RPORT (1 << 0) /* force rport */ #define FL_FORCE_ACTIVE (1 << 1) /* force active SDP */ diff --git a/parser/parse_methods.c b/parser/parse_methods.c index 8e6aabd..aeadee8 100644 --- a/parser/parse_methods.c +++ b/parser/parse_methods.c @@ -49,7 +49,7 @@ static int token_char(char _c) * Parse a method pointed by _next, assign its enum bit to _method, and update * _next past the method. Returns 1 if parse succeeded and 0 otherwise. */ -int parse_method(str* _next, unsigned int* _method) +int parse_method(str* _next, enum request_method* _method) { if (!_next || !_method) { LOG(L_ERR, "parse_method: Invalid parameter value\n"); @@ -65,7 +65,7 @@ int parse_method(str* _next, unsigned int* _method) case 'A': case 'a': if ((_next->len > 2) && !strncasecmp(_next->s + 1, "ck", 2)) { - *_method = METH_ACK; + *_method = METHOD_ACK; _next->len -= 3; _next->s += 3; return 1; @@ -76,7 +76,7 @@ int parse_method(str* _next, unsigned int* _method) case 'B': case 'b': if ((_next->len > 2) && !strncasecmp(_next->s + 1, "ye", 2)) { - *_method = METH_BYE; + *_method = METHOD_BYE; _next->len -= 3; _next->s += 3; return 1; @@ -87,7 +87,7 @@ int parse_method(str* _next, unsigned int* _method) case 'C': case 'c': if ((_next->len > 5) && !strncasecmp(_next->s + 1, "ancel", 5)) { - *_method = METH_CANCEL; + *_method = METHOD_CANCEL; _next->len -= 6; _next->s += 6; return 1; @@ -100,14 +100,14 @@ int parse_method(str* _next, unsigned int* _method) if ((_next->len > 3) && ((*(_next->s + 1) == 'N') || (*(_next->s + 1) == 'n'))) { if (!strncasecmp(_next->s + 2, "fo", 2)) { - *_method = METH_INFO; + *_method = METHOD_INFO; _next->len -= 4; _next->s += 4; return 1; } if ((_next->len > 5) && !strncasecmp(_next->s + 2, "vite", 4)) { - *_method = METH_INVITE; + *_method = METHOD_INVITE; _next->len -= 6; _next->s += 6; return 1; @@ -118,7 +118,7 @@ int parse_method(str* _next, unsigned int* _method) case 'M': case 'm': if ((_next->len > 6) && !strncasecmp(_next->s + 1, "essage", 6)) { - *_method = METH_MESSAGE; + *_method = METHOD_MESSAGE; _next->len -= 7; _next->s += 7; return 1; @@ -129,7 +129,7 @@ int parse_method(str* _next, unsigned int* _method) case 'N': case 'n': if ((_next->len > 5) && !strncasecmp(_next->s + 1, "otify", 5)) { - *_method = METH_NOTIFY; + *_method = METHOD_NOTIFY; _next->len -= 6; _next->s += 6; return 1; @@ -140,7 +140,7 @@ int parse_method(str* _next, unsigned int* _method) case 'O': case 'o': if ((_next->len > 6) && !strncasecmp(_next->s + 1, "ptions", 6)) { - *_method = METH_OPTIONS; + *_method = METHOD_OPTIONS; _next->len -= 7; _next->s += 7; return 1; @@ -151,7 +151,7 @@ int parse_method(str* _next, unsigned int* _method) case 'P': case 'p': if ((_next->len > 4) && !strncasecmp(_next->s + 1, "rack", 4)) { - *_method = METH_PRACK; + *_method = METHOD_PRACK; _next->len -= 5; _next->s += 5; return 1; @@ -164,14 +164,14 @@ int parse_method(str* _next, unsigned int* _method) if ((_next->len > 4) && ((*(_next->s + 1) == 'E') || (*(_next->s + 1) == 'e'))) { if (!strncasecmp(_next->s + 2, "fer", 3)) { - *_method = METH_REFER; + *_method = METHOD_REFER; _next->len -= 5; _next->s += 5; return 1; } if ((_next->len > 7) && !strncasecmp(_next->s + 2, "gister", 6)) { - *_method = METH_REGISTER; + *_method = METHOD_REGISTER; _next->len -= 8; _next->s += 8; return 1; @@ -182,7 +182,7 @@ int parse_method(str* _next, unsigned int* _method) case 'S': case 's': if ((_next->len > 8) && !strncasecmp(_next->s + 1, "ubscribe", 8)) { - *_method = METH_SUBSCRIBE; + *_method = METHOD_SUBSCRIBE; _next->len -= 9; _next->s += 9; return 1; @@ -193,7 +193,7 @@ int parse_method(str* _next, unsigned int* _method) case 'U': case 'u': if ((_next->len > 5) && !strncasecmp(_next->s + 1, "pdate", 5)) { - *_method = METH_UPDATE; + *_method = METHOD_UPDATE; _next->len -= 6; _next->s += 6; return 1; @@ -211,7 +211,7 @@ int parse_method(str* _next, unsigned int* _method) _next->s++; _next->len--; } while (_next->len && token_char(*(_next->s))); - *_method = METH_UNKNOWN; + *_method = METHOD_OTHER; return 1; } else { return 0; diff --git a/parser/parse_methods.h b/parser/parse_methods.h index a4d70aa..867484f 100644 --- a/parser/parse_methods.h +++ b/parser/parse_methods.h @@ -29,27 +29,9 @@ #define PARSE_METHODS_H #include "../str.h" +#include "msg_parser.h" -/* - * Methods found in methods Contact parameter or Allow header. - */ -enum method { - METH_UNKNOWN = 1, - METH_ACK = 2, - METH_BYE = 4, - METH_CANCEL = 8, - METH_INFO = 16, - METH_INVITE = 32, - METH_NOTIFY = 64, - METH_OPTIONS = 128, - METH_PRACK = 256, - METH_REGISTER = 512, - METH_SUBSCRIBE = 1024, - METH_UPDATE = 2048, - METH_MESSAGE = 4096, - METH_REFER = 8192 -}; - +#define ALL_METHODS 0xffffffff /* * Parse comma separated list of methods pointed by _body and assign their @@ -57,7 +39,7 @@ enum method { */ int parse_methods(str* _body, unsigned int* _methods); -int parse_method(str* _next, unsigned int* _method); +int parse_method(str* _next, enum request_method* _method); #endif /* PARSE_METHODS_H */

15 years, 7 months

content length

by Daniel-Constantin Mierla

Hello, the data lumps system is critically affected if content-length is wrong for UDP. The anchor_lump() calls abort() in the case content-length is higher than actually body length. This can be prevented by called sanity module to check the content length, however, I consider being too drastic to have abort in such case, it would be better to return an error and let the sip router process other messages. Opinions? Checking sip-router sources, it faces same issue. Another option would be to correct the C-L value locally, but the right one is that phone vendor fixes its side. Cheers, Daniel -- Daniel-Constantin Mierla SIP Router Masterclass - Kamailio (OpenSER) Training http://www.asipto.com/index.php/sip-router-masterclass/

15 years, 7 months

sip_msg and hdrs anchors

by Daniel-Constantin Mierla

Hello, it became a trend to add anchors to each header used by some module to sip_msg structure. While the average is 15 headers per SIP message (some without anchors in the sip_msg), sip_msg has over 35. Many of these are used only once, e.g., presence related headers are used by router as endpoint, not as a proxy. Intended to endpoint are subject, supported, unsupported, and perhaps others... Keeping them and cloning in TM when proxying makes no sense. They are not used for routing. I think would be good to replace some anchors or at least for future the addition of anchors with functions like: get_hdr_xyz(sip_msg) - that will take care of parsing and return the right hdr_field structure. On another hand I propose to add sortcut to body (start and length) - in this case if there is a correction done by the parser, will be in effect everywhere. Looking now in the code, there are functions that extract body in different ways, some correcting the length by skipping \r, \n at the end. Cheers, Daniel -- Daniel-Constantin Mierla

15 years, 7 months

Patch: usrloc compilation fixes

by Henning Westerholt

Hi, attached patch fixes the compilation for the usrloc module. It adapts it to the different parse_phostport syntax, and fixes a missing #define. Patch against kamailio-3.0 branch. The other (tiny) patchs introduces a ALL_METHODS #define to the parser of sr, which is also necessary for usrloc and a few more modules. Patch against sr master branch. Please apply, thanks Henning

15 years, 7 months

k git repository

by Daniel-Constantin Mierla

Hello, some time ago, during an IRC devel meeting, it was proposed to migrate K source repository to GIT (IIRC Ovidiu Sas). At that time SF.net didn't provide git support but does it now.. Probably many know that most of the modules were updated to compile with sip-router core (last of them being worked out): http://sip-router.org/wiki/devel/kamailio-integration#module_integration_st… Now I am asking the K devels if they feel comfortable with git, so that we move our repository to git. It will easy synchronization with sip-router core which is kept in git. Cheers, Daniel -- Daniel-Constantin Mierla

15 years, 7 months

git:master: dns: TXT record cache support & more rpcs

by Andrei Pelinescu-Onciul

Module: sip-router Branch: master Commit: adc6fe8aa97d0119d25e147248a950d5d91477e2 URL: http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commit;h=adc6fe8… Author: Andrei Pelinescu-Onciul <andrei(a)iptel.org> Committer: Andrei Pelinescu-Onciul <andrei(a)iptel.org> Date: Mon Mar 30 20:44:23 2009 +0200 dns: TXT record cache support & more rpcs - TXT records can be cached (dns_get_entry supports T_TXT) - more delete entry from cache rpcs: dns.delete_naptr dns.delete_cname dns.delete_txt - dns.lookup rpc: dns.lookup <type> <name> (useful for debugging or for pre-populating the dns cache) e.g.: utils/sercmd/sercmd dns.lookup A iptel.org --- core_cmd.c | 92 ++++++++++++---- dns_cache.c | 359 ++++++++++++++++++++++++++++++++++++++++++++++------------- 2 files changed, 352 insertions(+), 99 deletions(-) Diff: http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commitdiff;h=adc…

15 years, 7 months

git:master: dns: TXT records support

by Andrei Pelinescu-Onciul

Module: sip-router Branch: master Commit: 8f4ba87e4170e025a50ca12581acd8b12a085298 URL: http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commit;h=8f4ba87… Author: Andrei Pelinescu-Onciul <andrei(a)iptel.org> Committer: Andrei Pelinescu-Onciul <andrei(a)iptel.org> Date: Mon Mar 30 20:40:23 2009 +0200 dns: TXT records support - support for TXT lookups, both single and multiple strings are supported. --- resolve.c | 73 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ resolve.h | 18 +++++++++++++++ 2 files changed, 91 insertions(+), 0 deletions(-) diff --git a/resolve.c b/resolve.c index 9f55f3d..8dfde34 100644 --- a/resolve.c +++ b/resolve.c @@ -456,6 +456,73 @@ error: +/** parses a TXT record into a txt_rdata structure. + * @param msg - pointer to the dns message + * @param end - pointer to the end of the record (rdata end) + * @param rdata - pointer to the rdata part of the txt answer + * returns 0 on error, or a dyn. alloc'ed txt_rdata structure */ +/* TXT rdata format: + * + * one or several character strings: + * 01234567 + * +--------------------+ + * | len | string / ... + * |------------------+ + */ +static struct txt_rdata* dns_txt_parser(unsigned char* msg, unsigned char* end, + unsigned char* rdata) +{ + struct txt_rdata* txt; + int len, n, i; + int str_size; + unsigned char* p; + unsigned char* st; + + txt=0; + if (unlikely((rdata+1)>end)) goto error; + n=0; + str_size=0; + /* count the number of strings */ + p=rdata; + do{ + len=*p; + p+=len+1; + str_size+=len+1; /* 1 for the term. 0 */ + if (unlikely(p>end)) goto error; + n++; + }while(p<end); + /* alloc sizeof struct + space for the dns_cstr array + space for + the strings */ + txt=local_malloc(sizeof(struct txt_rdata) +(n-1)*sizeof(struct dns_cstr)+ + str_size); + if(unlikely(txt==0)){ + LOG(L_ERR, "ERROR: dns_txt_parser: out of memory\n"); + goto error; + } + /* string table */ + st=(unsigned char*)txt+sizeof(struct txt_rdata) + + (n-1)*sizeof(struct dns_cstr); + txt->cstr_no=n; + txt->tslen=str_size; + /* fill the structure */ + p=rdata; + for (i=0; i<n; i++){ + len=*p; + memcpy(st, p+1, len); + st[len]=0; + txt->txt[i].cstr_len=len; + txt->txt[i].cstr=(char*)st; + st+=len+1; + p+=len+1; + } + return txt; +error: + if (txt) local_free(txt); + return 0; +} + + + /* frees completely a struct rdata list */ void free_rdata_list(struct rdata* head) { @@ -689,6 +756,12 @@ again: *last=rd; last=&(rd->next); break; + case T_TXT: + rd->rdata= dns_txt_parser(buff.buff, p+rdlength, p); + if (rd->rdata==0) goto error_parse; + *last=rd; + last=&(rd->next); + break; default: LOG(L_ERR, "WARNING: get_record: unknown type %d\n", rtype); rd->rdata=0; diff --git a/resolve.h b/resolve.h index eba6ad4..b4d66ae 100644 --- a/resolve.h +++ b/resolve.h @@ -152,6 +152,24 @@ struct cname_rdata { /* real size of the structure */ #define CNAME_RDATA_SIZE(s) (sizeof(struct cname_rdata)+(s).name_len) +/* dns character-string */ +struct dns_cstr{ + char* cstr; /* pointer to null term. string */ + unsigned char cstr_len; +}; + +/* txt rec. struct */ +struct txt_rdata { + unsigned short cstr_no; /* number of strings */ + unsigned short tslen; /* total strings table len */ + struct dns_cstr txt[1]; /* at least 1 */ + /* all txt[*].cstr point inside a string table at the end of the struct.*/ +}; + +#define TXT_RDATA_SIZE(s) \ + (sizeof(struct txt_rdata)+((s).cstr_no-1)*sizeof(struct dns_cstr)+\ + (s).tslen) + #ifdef HAVE_RESOLV_RES int match_search_list(const struct __res_state* res, char* name);

15 years, 7 months

git:master: Merge branch 'ser_core_cvs' of ssh://git.sip-router.org/ sip-router

by Andrei Pelinescu-Onciul

Module: sip-router Branch: master Commit: fac5c2fdcb13526c90b88ae1eaf528e7e104602f URL: http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commit;h=fac5c2f… Author: Andrei Pelinescu-Onciul <andrei(a)iptel.org> Committer: Andrei Pelinescu-Onciul <andrei(a)iptel.org> Date: Mon Mar 30 20:55:25 2009 +0200 Merge branch 'ser_core_cvs' of ssh://git.sip-router.org/sip-router * 'ser_core_cvs' of ssh://git.sip-router.org/sip-router: dns: more strict record end checking dns: minor fixes: long lines, unlikely(), end of msg checks Adding missing reset_static_buffer() Conflicts: modules/tm/t_reply.c ---

15 years, 7 months

git:ser_core_cvs: dns: minor fixes: long lines, unlikely(), end of msg checks

by Andrei Pelinescu-Onciul

Module: sip-router Branch: ser_core_cvs Commit: ca4ceef32cb4149efc14cdd8c25c8cd2348d653c URL: http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commit;h=ca4ceef… Author: Andrei Pelinescu-Onciul <andrei(a)iptel.org> Committer: Andrei Pelinescu-Onciul <andrei(a)iptel.org> Date: Mon Mar 30 13:50:36 2009 +0000 dns: minor fixes: long lines, unlikely(), end of msg checks - check if the rdlength is valid (points inside the answer), before skipping over a record - added unlikely() for error checks - cosmetic: broken some long lines --- resolve.c | 70 ++++++++++++++++++++++++++++++++++--------------------------- 1 files changed, 39 insertions(+), 31 deletions(-) diff --git a/resolve.c b/resolve.c index 740ea87..b007918 100644 --- a/resolve.c +++ b/resolve.c @@ -523,22 +523,22 @@ struct rdata* get_record(char* name, int type, int flags) fullname_rd=0; size=res_search(name, C_IN, type, buff.buff, sizeof(buff)); - if (size<0) { + if (unlikely(size<0)) { DBG("get_record: lookup(%s, %d) failed\n", name, type); goto not_found; } - else if (size > sizeof(buff)) size=sizeof(buff); + else if (unlikely(size > sizeof(buff))) size=sizeof(buff); head=rd=0; last=crt=&head; p=buff.buff+DNS_HDR_SIZE; end=buff.buff+size; - if (p>=end) goto error_boundary; + if (unlikely(p>=end)) goto error_boundary; qno=ntohs((unsigned short)buff.hdr.qdcount); for (r=0; r<qno; r++){ /* skip the name of the question */ - if ((p=dns_skipname(p, end))==0) { + if (unlikely((p=dns_skipname(p, end))==0)) { LOG(L_ERR, "ERROR: get_record: skipname==0\n"); goto error; } @@ -547,7 +547,7 @@ struct rdata* get_record(char* name, int type, int flags) for (;(p<end && (*p)); p++); p+=1+2+2; /* skip the ending '\0, QCODE and QCLASS */ #endif - if (p>end) { + if (unlikely(p>end)) { LOG(L_ERR, "ERROR: get_record: p>=end\n"); goto error; } @@ -562,20 +562,21 @@ again: goto error; } #else - if ((skip=dn_expand(buff.buff, end, p, rec_name, MAX_DNS_NAME-1))==-1){ + if (unlikely((skip=dn_expand(buff.buff, end, p, rec_name, + MAX_DNS_NAME-1))==-1)){ LOG(L_ERR, "ERROR: get_record: dn_expand(rec_name) failed\n"); goto error; } #endif p+=skip; rec_name_len=strlen(rec_name); - if (rec_name_len>255){ + if (unlikely(rec_name_len>255)){ LOG(L_ERR, "ERROR: get_record: dn_expand(rec_name): name too" " long (%d)\n", rec_name_len); goto error; } /* check if enough space is left for type, class, ttl & size */ - if ((p+2+2+4+2)>end) goto error_boundary; + if (unlikely((p+2+2+4+2)>end)) goto error_boundary; /* get type */ memcpy((void*) &rtype, (void*)p, 2); rtype=ntohs(rtype); @@ -592,6 +593,7 @@ again: memcpy((void*)&rdlength, (void*)p, 2); rdlength=ntohs(rdlength); p+=2; + if (unlikely((p+rdlength)>end)) goto error_boundary; if ((flags & RES_ONLY_TYPE) && (rtype!=type)){ /* skip */ p+=rdlength; @@ -599,7 +601,8 @@ again: } /* expand the "type" record (rdata)*/ - rd=(struct rdata*) local_malloc(sizeof(struct rdata)+rec_name_len+1-1); + rd=(struct rdata*) local_malloc(sizeof(struct rdata)+rec_name_len+ + 1-1); if (rd==0){ LOG(L_ERR, "ERROR: get_record: out of memory\n"); goto error; @@ -615,13 +618,13 @@ again: if ((search_list_used==1)&&(fullname_rd==0)&& (rec_name_len>=name_len)&& (strncasecmp(rec_name, name, name_len)==0)) { - /* now we have record which's name is the same (up-to the name_len - * with the searched one - * if the length is the same - we found full match, no fake cname - * needed, just clear the flag - * if the length of the name differs - it has matched using search list - * remember the rd, so we can create fake CNAME record when all answers - * are used and no better match found + /* now we have record whose name is the same (up-to the + * name_len with the searched one): + * if the length is the same - we found full match, no fake + * cname needed, just clear the flag + * if the length of the name differs - it has matched using + * search list remember the rd, so we can create fake CNAME + * record when all answers are used and no better match found */ if (rec_name_len==name_len) search_list_used=0; @@ -638,7 +641,7 @@ again: case T_SRV: srv_rd= dns_srv_parser(buff.buff, end, p); rd->rdata=(void*)srv_rd; - if (srv_rd==0) goto error_parse; + if (unlikely(srv_rd==0)) goto error_parse; /* insert sorted into the list */ for (crt=&head; *crt; crt= &((*crt)->next)){ @@ -652,34 +655,35 @@ again: goto skip; } } - last=&(rd->next); /*end of for => this will be the last elem*/ + last=&(rd->next); /*end of for => this will be the last + element*/ skip: /* insert here */ rd->next=*crt; *crt=rd; - break; case T_A: rd->rdata=(void*) dns_a_parser(p,end); - if (rd->rdata==0) goto error_parse; - *last=rd; /* last points to the last "next" or the list head*/ + if (unlikely(rd->rdata==0)) goto error_parse; + *last=rd; /* last points to the last "next" or the list + head*/ last=&(rd->next); break; case T_AAAA: rd->rdata=(void*) dns_aaaa_parser(p,end); - if (rd->rdata==0) goto error_parse; + if (unlikely(rd->rdata==0)) goto error_parse; *last=rd; last=&(rd->next); break; case T_CNAME: rd->rdata=(void*) dns_cname_parser(buff.buff, end, p); - if(rd->rdata==0) goto error_parse; + if(unlikely(rd->rdata==0)) goto error_parse; *last=rd; last=&(rd->next); break; case T_NAPTR: rd->rdata=(void*) dns_naptr_parser(buff.buff, end, p); - if(rd->rdata==0) goto error_parse; + if(unlikely(rd->rdata==0)) goto error_parse; *last=rd; last=&(rd->next); break; @@ -697,7 +701,8 @@ again: flags&=~RES_AR; answers_no=ntohs((unsigned short)buff.hdr.nscount); #ifdef RESOLVE_DBG - DBG("get_record: skipping %d NS (p=%p, end=%p)\n", answers_no, p, end); + DBG("get_record: skipping %d NS (p=%p, end=%p)\n", answers_no, p, + end); #endif for (r=0; (r<answers_no) && (p<end); r++){ /* skip over the ns records */ @@ -706,13 +711,14 @@ again: goto error; } /* check if enough space is left for type, class, ttl & size */ - if ((p+2+2+4+2)>end) goto error_boundary; + if (unlikely((p+2+2+4+2)>end)) goto error_boundary; memcpy((void*)&rdlength, (void*)p+2+2+4, 2); p+=2+2+4+2+ntohs(rdlength); } answers_no=ntohs((unsigned short)buff.hdr.arcount); #ifdef RESOLVE_DBG - DBG("get_record: parsing %d ARs (p=%p, end=%p)\n", answers_no, p, end); + DBG("get_record: parsing %d ARs (p=%p, end=%p)\n", answers_no, p, + end); #endif goto again; /* add also the additional records */ } @@ -723,7 +729,7 @@ again: */ if ((search_list_used==1)&&(fullname_rd!=0)) { rd=(struct rdata*) local_malloc(sizeof(struct rdata)+name_len+1-1); - if (rd==0){ + if (unlikely(rd==0)){ LOG(L_ERR, "ERROR: get_record: out of memory\n"); goto error; } @@ -735,13 +741,15 @@ again: rd->name[name_len]=0; rd->name_len=name_len; /* alloc sizeof struct + space for the null terminated name */ - rd->rdata=(void*)local_malloc(sizeof(struct cname_rdata)-1+head->name_len+1); - if(rd->rdata==0){ + rd->rdata=(void*)local_malloc(sizeof(struct cname_rdata)-1+ + head->name_len+1); + if(unlikely(rd->rdata==0)){ LOG(L_ERR, "ERROR: get_record: out of memory\n"); goto error_rd; } ((struct cname_rdata*)(rd->rdata))->name_len=fullname_rd->name_len; - memcpy(((struct cname_rdata*)(rd->rdata))->name, fullname_rd->name, fullname_rd->name_len); + memcpy(((struct cname_rdata*)(rd->rdata))->name, fullname_rd->name, + fullname_rd->name_len); ((struct cname_rdata*)(rd->rdata))->name[head->name_len]=0; head=rd; }

15 years, 7 months

git:ser_core_cvs: dns: more strict record end checking

by Andrei Pelinescu-Onciul

Module: sip-router Branch: ser_core_cvs Commit: a73ecb4c33a829a1a08fbf04dc7483c79443ccfb URL: http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commit;h=a73ecb4… Author: Andrei Pelinescu-Onciul <andrei(a)iptel.org> Committer: Andrei Pelinescu-Onciul <andrei(a)iptel.org> Date: Mon Mar 30 13:59:42 2009 +0000 dns: more strict record end checking - be more strict and check always if a record doesn't exceed it's declared length (before we checked only if the end is inside the message). --- resolve.c | 16 +++++++++------- 1 files changed, 9 insertions(+), 7 deletions(-) diff --git a/resolve.c b/resolve.c index b007918..9f55f3d 100644 --- a/resolve.c +++ b/resolve.c @@ -499,6 +499,7 @@ struct rdata* get_record(char* name, int type, int flags) static union dns_query buff; unsigned char* p; unsigned char* end; + unsigned char* rd_end; static char rec_name[MAX_DNS_NAME]; /* placeholder for the record name */ int rec_name_len; unsigned short rtype, class, rdlength; @@ -593,10 +594,11 @@ again: memcpy((void*)&rdlength, (void*)p, 2); rdlength=ntohs(rdlength); p+=2; - if (unlikely((p+rdlength)>end)) goto error_boundary; + rd_end=p+rdlength; + if (unlikely((rd_end)>end)) goto error_boundary; if ((flags & RES_ONLY_TYPE) && (rtype!=type)){ /* skip */ - p+=rdlength; + p=rd_end; continue; } /* expand the "type" record (rdata)*/ @@ -639,7 +641,7 @@ again: } switch(rtype){ case T_SRV: - srv_rd= dns_srv_parser(buff.buff, end, p); + srv_rd= dns_srv_parser(buff.buff, rd_end, p); rd->rdata=(void*)srv_rd; if (unlikely(srv_rd==0)) goto error_parse; @@ -663,26 +665,26 @@ again: *crt=rd; break; case T_A: - rd->rdata=(void*) dns_a_parser(p,end); + rd->rdata=(void*) dns_a_parser(p, rd_end); if (unlikely(rd->rdata==0)) goto error_parse; *last=rd; /* last points to the last "next" or the list head*/ last=&(rd->next); break; case T_AAAA: - rd->rdata=(void*) dns_aaaa_parser(p,end); + rd->rdata=(void*) dns_aaaa_parser(p, rd_end); if (unlikely(rd->rdata==0)) goto error_parse; *last=rd; last=&(rd->next); break; case T_CNAME: - rd->rdata=(void*) dns_cname_parser(buff.buff, end, p); + rd->rdata=(void*) dns_cname_parser(buff.buff, rd_end, p); if(unlikely(rd->rdata==0)) goto error_parse; *last=rd; last=&(rd->next); break; case T_NAPTR: - rd->rdata=(void*) dns_naptr_parser(buff.buff, end, p); + rd->rdata=(void*) dns_naptr_parser(buff.buff, rd_end, p); if(unlikely(rd->rdata==0)) goto error_parse; *last=rd; last=&(rd->next);

15 years, 7 months

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

sr-dev March 2009