17 Apr
2014
17 Apr
'14
12:58 a.m.
Module: sip-router
Branch: luismartingil/msrp_crash
Commit: 23ad1fb98941507338edba7136327896033ed18f
URL:
http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commit;h=23ad1fb…
Author: Luis Martin Gil <martingil.luis(a)gmail.com>
Committer: Luis Martin Gil <martingil.luis(a)gmail.com>
Date: Wed Apr 16 14:55:35 2014 +0000
msrp: improved parser
- msrp parser patched so Kamailio doesn't crash when receiving
non-rfc4975 compliant msrp messages
---
modules/msrp/msrp_parser.c | 31 ++++++++++++++++++++++++++++++-
1 files changed, 30 insertions(+), 1 deletions(-)
diff --git a/modules/msrp/msrp_parser.c b/modules/msrp/msrp_parser.c
index d7a2ced..8df1a92 100644
--- a/modules/msrp/msrp_parser.c
+++ b/modules/msrp/msrp_parser.c
@@ -81,7 +81,7 @@ int msrp_parse_frame(msrp_frame_t *mf)
}
if(msrp_parse_headers(mf)<0)
{
- LM_ERR("unable to parse first line\n");
+ LM_ERR("unable to parse headers\n");
return -1;
}
return 0;
@@ -221,6 +221,10 @@ int msrp_parse_headers(msrp_frame_t *mf)
msrp_hdr_t *hdr;
msrp_hdr_t *last;
+ int fpath = 0; /* From path set */
+ int tpath = 0; /* To path set */
+ int any = 0; /* Any header set */
+
/* already parsed?!? */
if(mf->headers != NULL)
return 0;
@@ -291,12 +295,37 @@ int msrp_parse_headers(msrp_frame_t *mf)
}
msrp_hdr_set_type(hdr);
+ if (hdr->htype == MSRP_HDR_TO_PATH) {
+ tpath = 1;
+ if (fpath || any) {
+ LM_ERR("broken msrp frame message, To-Path must be the first
header.\n");
+ return -1;
+ }
+ } else if (hdr->htype == MSRP_HDR_FROM_PATH) {
+ fpath = 1;
+ if (!tpath || any) {
+ LM_ERR("broken msrp frame message, From-Path must be the second
header.\n");
+ return -1;
+ }
+ } else {
+ any = 1;
+ if (!tpath || !fpath) {
+ LM_ERR("broken msrp frame message, To-Path and From-Path must be defined
before any header.\n");
+ return -1;
+ }
+ }
+
LM_DBG("MSRP Header: (%p) [%.*s] [%d] [%.*s]\n",
hdr, hdr->name.len, hdr->name.s, hdr->htype,
hdr->body.len, hdr->body.s);
s = l + 1;
}
+ if (!tpath || !fpath) {
+ LM_ERR("broken msrp frame message, To-Path and From-Path must be
defined.\n");
+ return -1;
+ }
+
ateoh:
if(mf->mbody.s!=NULL)
{