[sr-dev] git:master:0eda1dde: presence_xml: safety check for lenght of node name in xml transformations

13 Jul 2017

Module: kamailio
Branch: master
Commit: 0eda1dde62a6d3d805f0ae32db67055aa0705ce8
URL: https://github.com/kamailio/kamailio/commit/0eda1dde62a6d3d805f0ae32db67055…

Author: Daniel-Constantin Mierla &lt;miconda(a)gmail.com&gt;
Committer: Daniel-Constantin Mierla &lt;miconda(a)gmail.com&gt;
Date: 2017-07-13T17:13:46+02:00

presence_xml: safety check for lenght of node name in xml transformations

---

Modified: src/modules/presence_xml/notify_body.c

---

Diff: 
https://github.com/kamailio/kamailio/commit/0eda1dde62a6d3d805f0ae32db67055…
Patch:
https://github.com/kamailio/kamailio/commit/0eda1dde62a6d3d805f0ae32db67055…

---

diff --git a/src/modules/presence_xml/notify_body.c
b/src/modules/presence_xml/notify_body.c
index 5fc58323f8..20160c550c 100644
--- a/src/modules/presence_xml/notify_body.c
+++ b/src/modules/presence_xml/notify_body.c
@@ -222,14 +222,15 @@ str* get_final_notify_body( subs_t *subs, str* notify_body,
xmlNodePtr rule_node
 	xmlNodePtr doc_root = NULL, doc_node = NULL, provide_node = NULL;
 	xmlNodePtr all_node = NULL;
 	xmlDocPtr doc= NULL;
-	char name[15];
-	char service_uri_scheme[10];
+#define KSR_FNB_NAME_SIZE	24
+	char name[KSR_FNB_NAME_SIZE];
+	char service_uri_scheme[16];
 	int i= 0, found = 0;
 	str* new_body = NULL;
     char* class_cont = NULL, *occurence_ID= NULL, *service_uri= NULL;
 	char* deviceID = NULL;
 	char* content = NULL;
-	char all_name[20];
+	char all_name[KSR_FNB_NAME_SIZE+8];
 
 	strcpy(all_name, "all-");
 
@@ -269,7 +270,12 @@ str* get_final_notify_body( subs_t *subs, str* notify_body,
xmlNodePtr rule_node
 
 		LM_DBG("transf_node->name:%s\n",node->name);
 
-		strcpy((char*)name ,(char*)(node->name + 8));
+		/* skip 'provide-' (e.g., provide-services) */
+		if(strlen((char*)(node->name + 8))>KSR_FNB_NAME_SIZE-1) {
+			LM_INFO("unsupported handling of: %s\n", (char*)node->name);
+			continue;
+		}
+		strcpy((char*)name, (char*)(node->name + 8));
 		strcpy(all_name+4, name);
 		
 		if(xmlStrcasecmp((unsigned char*)name,(unsigned char*)"services") == 0)



    

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

[sr-dev] git:master:0eda1dde: presence_xml: safety check for lenght of node name in xml transformations