kenmirrors/asterisk
1
0
Fork 0
mirror of https://github.com/asterisk/asterisk.git synced 2025-11-16 23:08:32 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge "PJSIP: Remove PJSIP parsing functions from uri length validation."

Browse Source
This commit is contained in:
zuul
2016-04-19 16:53:52 -05:00
committed by Gerrit Code Review
parent d95512a7dd 0235a66532
commit c60f8e947f
1 changed files with 41 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

56
res/res_pjsip/location.c
View File

@@ -412,38 +412,64 @@ static int permanent_uri_sort_fn(const void *obj_left, const void *obj_right, in
int ast_sip_validate_uri_length(const char *contact_uri)
{
pjsip_uri *uri;
pjsip_sip_uri *sip_uri;
pj_pool_t *pool;
int max_length = pj_max_hostname - 1;
char *contact = ast_strdupa(contact_uri);
char *host;
char *at;
int theres_a_port = 0;
if (strlen(contact_uri) > pjsip_max_url_size - 1) {
return -1;
}
if (!(pool = pjsip_endpt_create_pool(ast_sip_get_pjsip_endpoint(), "uri validation", 512, 512))) {
ast_log(LOG_ERROR, "Unable to allocate pool for uri validation\n");
contact = ast_strip_quoted(contact, "<", ">");
if (!strncasecmp(contact, "sip:", 4)) {
host = contact + 4;
} else if (!strncasecmp(contact, "sips:", 5)) {
host = contact + 5;
} else {
/* Not a SIP URI */
return -1;
}
if (!(uri = pjsip_parse_uri(pool, (char *)contact_uri, strlen(contact_uri), 0)) ||
(!PJSIP_URI_SCHEME_IS_SIP(uri) && !PJSIP_URI_SCHEME_IS_SIPS(uri))) {
pjsip_endpt_release_pool(ast_sip_get_pjsip_endpoint(), pool);
return -1;
at = strchr(contact, '@');
if (at) {
/* sip[s]:user@host */
host = at + 1;
}
sip_uri = pjsip_uri_get_uri(uri);
if (sip_uri->port == 0) {
if (host[0] == '[') {
/* Host is an IPv6 address. Just get up to the matching bracket */
char *close_bracket;
close_bracket = strchr(host, ']');
if (!close_bracket) {
return -1;
}
close_bracket++;
if (*close_bracket == ':') {
theres_a_port = 1;
}
*close_bracket = '\0';
} else {
/* uri parameters could contain ';' so trim them off first */
host = strsep(&host, ";?");
/* Host is FQDN or IPv4 address. Need to find closing delimiter */
if (strchr(host, ':')) {
theres_a_port = 1;
host = strsep(&host, ":");
}
}
if (!theres_a_port) {
max_length -= strlen("_sips.tcp.");
}
if (sip_uri->host.slen > max_length) {
pjsip_endpt_release_pool(ast_sip_get_pjsip_endpoint(), pool);
if (strlen(host) > max_length) {
return -1;
}
pjsip_endpt_release_pool(ast_sip_get_pjsip_endpoint(), pool);
return 0;
}