Andrei Pelinescu-Onciul schrieb:
On Mar 30, 2009 at 16:06, Daniel-Constantin Mierla miconda@gmail.com wrote:
Hello,
the data lumps system is critically affected if content-length is wrong for UDP. The anchor_lump() calls abort() in the case content-length is higher than actually body length.
It's true that anchor_lump() calls abort if the offset passed to it is outside the message, but I don't see where anchor_lump() is called with a value depending on Content-Length (at least in sip-router and ser).
This can be prevented by called sanity module to check the content length, however, I consider being too drastic to have abort in such case, it would be better to return an error and let the sip router process other messages. Opinions?
Checking sip-router sources, it faces same issue.
Another option would be to correct the C-L value locally, but the right one is that phone vendor fixes its side.
It's fixed automatically in sip-router, if the destination protocol is tcp or tls.
How can this be fixed automatically? How will the proxy know when then body ends and the next message starts?
regards klaus
PS: IMO the server should respond with "400 wrong content length" if accessing of the body is required and the length is wrong