On Mar 30, 2009 at 16:06, Daniel-Constantin Mierla
<miconda(a)gmail.com>
wrote:
Hello,
the data lumps system is critically affected if content-length is wrong
for UDP. The anchor_lump() calls abort() in the case content-length is
higher than actually body length.
It's true that anchor_lump() calls abort if the offset passed to it is
outside the message, but I don't see where anchor_lump() is called with
a value depending on Content-Length (at least in sip-router and ser).
This can be prevented by called sanity
module to check the content length, however, I consider being too
drastic to have abort in such case, it would be better to return an
error and let the sip router process other messages. Opinions?
Checking sip-router sources, it faces same issue.
Another option would be to correct the C-L value locally, but the right
one is that phone vendor fixes its side.
It's fixed automatically in sip-router, if the destination protocol is
tcp or tls.
How can this be fixed automatically? How will the proxy know when then
body ends and the next message starts?