Don't allow reserved characters to be used in register

lines in sip.conf.

(closes issue #13570)
Reported by: putnopvut



git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.4@149130 65c4cc65-6c06-0410-ace0-fbb531ad65f3

channels/chan_sip.c

@@ -167,6 +167,8 @@ ASTERISK_FILE_VERSION(__FILE__, "$Revision$")
 #define IPTOS_MINCOST           0x02
 #endif
 
+#define SIP_RESERVED ";/?:@&=+$,# "
+
 /* #define VOCAL_DATA_HACK */
 
 #define DEFAULT_DEFAULT_EXPIRY  120
@@ -4724,9 +4726,11 @@ static int sip_register(char *value, int lineno)
 	struct sip_registry *reg;
 	int portnum = 0;
 	char username[256] = "";
+	char *user;
 	char *hostname=NULL, *secret=NULL, *authuser=NULL;
 	char *porta=NULL;
 	char *contact=NULL;
+	char *reserved = NULL;
 
 	if (!value)
 		return -1;
@@ -4747,6 +4751,16 @@ static int sip_register(char *value, int lineno)
 		if (authuser)
 			*authuser++ = '\0';
 	}
+	user = username;
+	if ((reserved = strpbrk(user, SIP_RESERVED))) {
+		goto invalid_char;
+	}
+	if (!ast_strlen_zero(secret) && (reserved = strpbrk(secret, SIP_RESERVED))) {
+		goto invalid_char;
+	}
+	if (!ast_strlen_zero(authuser) && (reserved = strpbrk(authuser, SIP_RESERVED))) {
+		goto invalid_char;
+	}
 	/* split host[:port][/contact] */
 	contact = strchr(hostname, '/');
 	if (contact)
@@ -4762,6 +4776,9 @@ static int sip_register(char *value, int lineno)
 			return -1;
 		}
 	}
+	if ((reserved = strpbrk(hostname, SIP_RESERVED))) {
+		goto invalid_char;
+	}
 	if (!(reg = ast_calloc(1, sizeof(*reg)))) {
 		ast_log(LOG_ERROR, "Out of memory. Can't allocate SIP registry entry\n");
 		return -1;
@@ -4793,6 +4810,10 @@ static int sip_register(char *value, int lineno)
 	ASTOBJ_CONTAINER_LINK(&regl, reg);	/* Add the new registry entry to the list */
 	ASTOBJ_UNREF(reg,sip_registry_destroy);
 	return 0;
+
+invalid_char:
+	ast_log(LOG_WARNING, "A reserved character ('%c') was used in a \"register\" line. This registration will not occur\n", *reserved);
+	return -1;
 }
 
 /*! \brief  Parse multiline SIP headers into one header