30 Mar
2009
30 Mar
'09
9:48 p.m.
On 03/30/2009 06:27 PM, Juha Heinanen wrote:
Andrei Pelinescu-Onciul writes:
This trust of content-length needs be fixed I agree. However it looks to
me too radical to call abort() on purpose. A developer can fix that
quickly, but users having deployed the sip router cannot coper properly
with. Like in buffer overflow cases, the code detects the case and
returns error, does not call abort(). I see this being similar. I would
avoid abort() on purpose anywhere at runtime, but write error messages,
avoid crash and keep running.
Cheers,
Daniel
--
Daniel-Constantin Mierla
SIP Router Masterclass - Kamailio (OpenSER) Training
http://www.asipto.com/index.php/sip-router-masterclass/
It's not a bug in the UA, it's a bug in
the proxy code that uses a
Content-Length received from the network without checking if it's
valid.
if that is the case, then i agree with you. proxy code should not do
such thing and if it does t is clearly a bug in the proxy code. i
wonder in how many places k currently trusts content-length.