14 Oct
2023
14 Oct
'23
9:35 p.m.
Module: kamailio
Branch: master
Commit: b56037fab181037d48bfc90802f25b85ae8bee04
URL: https://github.com/kamailio/kamailio/commit/b56037fab181037d48bfc90802f25b8…
Author: Daniel-Constantin Mierla <miconda(a)gmail.com>
Committer: Daniel-Constantin Mierla <miconda(a)gmail.com>
Date: 2023-10-14T16:49:20+02:00
core: added msg_recv_max_size global parameter
- set limit for max size of received tcp or upd messages
---
Modified: src/core/cfg.lex
Modified: src/core/cfg.y
Modified: src/core/globals.h
Modified: src/core/tcp_read.c
Modified: src/core/udp_server.c
Modified: src/main.c
---
Diff:
https://github.com/kamailio/kamailio/commit/b56037fab181037d48bfc90802f25b8…
Patch:
https://github.com/kamailio/kamailio/commit/b56037fab181037d48bfc90802f25b8…
---
diff --git a/src/core/cfg.lex b/src/core/cfg.lex
index 9e338606c20..e88c54527ba 100644
--- a/src/core/cfg.lex
+++ b/src/core/cfg.lex
@@ -365,6 +365,7 @@ STATS_NAMESEP stats_name_separator
MAXBUFFER maxbuffer
MAXSNDBUFFER maxsndbuffer
SQL_BUFFER_SIZE sql_buffer_size
+MSG_RECV_MAX_SIZE msg_recv_max_size
CHILDREN children
SOCKET socket
BIND bind
@@ -850,6 +851,7 @@ IMPORTFILE "import_file"
<INITIAL>{MAXBUFFER} { count(); yylval.strval=yytext; return MAXBUFFER; }
<INITIAL>{MAXSNDBUFFER} { count(); yylval.strval=yytext; return MAXSNDBUFFER; }
<INITIAL>{SQL_BUFFER_SIZE} { count(); yylval.strval=yytext; return SQL_BUFFER_SIZE;
}
+<INITIAL>{MSG_RECV_MAX_SIZE} { count(); yylval.strval=yytext; return
MSG_RECV_MAX_SIZE; }
<INITIAL>{CHILDREN} { count(); yylval.strval=yytext; return CHILDREN; }
<INITIAL>{SOCKET} { count(); yylval.strval=yytext; return SOCKET; }
<INITIAL>{BIND} { count(); yylval.strval=yytext; return BIND; }
diff --git a/src/core/cfg.y b/src/core/cfg.y
index d833288c10d..5a82345a15b 100644
--- a/src/core/cfg.y
+++ b/src/core/cfg.y
@@ -421,6 +421,7 @@ extern char *default_routename;
%token MAXBUFFER
%token MAXSNDBUFFER
%token SQL_BUFFER_SIZE
+%token MSG_RECV_MAX_SIZE
%token USER
%token GROUP
%token CHROOT
@@ -1013,6 +1014,8 @@ assign_stm:
| MAXSNDBUFFER EQUAL error { yyerror("number expected"); }
| SQL_BUFFER_SIZE EQUAL NUMBER { sql_buffer_size=$3; }
| SQL_BUFFER_SIZE EQUAL error { yyerror("number expected"); }
+ | MSG_RECV_MAX_SIZE EQUAL NUMBER { ksr_msg_recv_max_size=$3; }
+ | MSG_RECV_MAX_SIZE EQUAL error { yyerror("number expected"); }
| CHILDREN EQUAL NUMBER { children_no=$3; }
| CHILDREN EQUAL error { yyerror("number expected"); }
| STATS_NAMESEP EQUAL STRING { ksr_stats_namesep=$3; }
diff --git a/src/core/globals.h b/src/core/globals.h
index b541d8e9cf8..3a488db23c2 100644
--- a/src/core/globals.h
+++ b/src/core/globals.h
@@ -238,6 +238,8 @@ extern int ksr_local_rport;
extern int ksr_rpc_exec_delta;
+extern int ksr_msg_recv_max_size;
+
#ifdef USE_DNS_CACHE
extern int
dns_cache_init; /* if 0, the DNS cache is not initialized at startup */
diff --git a/src/core/tcp_read.c b/src/core/tcp_read.c
index 31c6e92444c..10fd348696f 100644
--- a/src/core/tcp_read.c
+++ b/src/core/tcp_read.c
@@ -1486,7 +1486,6 @@ int tcp_read_req(struct tcp_connection *con, int *bytes_read,
resp = CONN_RELEASE;
req = &con->req;
if(req->tvrstart.tv_sec == 0) {
- LM_DBG("=== set message read start time\n");
gettimeofday(&req->tvrstart, NULL);
}
@@ -1512,6 +1511,14 @@ int tcp_read_req(struct tcp_connection *con, int *bytes_read,
}
#endif
+ if(ksr_msg_recv_max_size <= (int)(req->parsed - req->start)) {
+ LOG(cfg_get(core, core_cfg, corelog),
+ "read message too large: %d - c: %p r: %p (%d)\n",
+ (int)(req->parsed - req->start), con, req, bytes);
+ resp = CONN_ERROR;
+ goto end_req;
+ }
+
if(unlikely(bytes < 0)) {
LOG(cfg_get(core, core_cfg, corelog),
"ERROR: tcp_read_req: error reading - c: %p r: %p (%d)\n",
diff --git a/src/core/udp_server.c b/src/core/udp_server.c
index 16c85bd8421..7e01dd8c279 100644
--- a/src/core/udp_server.c
+++ b/src/core/udp_server.c
@@ -664,6 +664,11 @@ int udp_rcv_loop()
else
goto error;
}
+ if(ksr_msg_recv_max_size <= len) {
+ LOG(cfg_get(core, core_cfg, corelog),
+ "read message too large: %d\n", len);
+ continue;
+ }
if(fromaddrlen != (unsigned int)sockaddru_len(bind_address->su)) {
LM_ERR("ignoring data - unexpected from addr len: %u != %u\n",
fromaddrlen, (unsigned int)sockaddru_len(bind_address->su));
diff --git a/src/main.c b/src/main.c
index 90ef4ad49e8..7185f0c0eaf 100644
--- a/src/main.c
+++ b/src/main.c
@@ -530,6 +530,7 @@ int fixup_complete = 0; /* flag = is the fixup complete ? */
char *pid_file = 0; /* filename as asked by use */
char *pgid_file = 0;
+int ksr_msg_recv_max_size = 32767; /* 2^15 - 1 */
/* memory manager */
#define SR_MEMMNG_DEFAULT "qm"