sr-dev May 2026

sr-dev@lists.kamailio.org

23 participants
304 discussions

Start a nNew thread

[kamailio/kamailio] cmake: fix build race condition on machine with many cores (PR #4759)
by Morten Tryfoss 12 Jun '26

12 Jun '26

2 9

[kamailio/kamailio] remove makefiles (PR #4588)
by Xenofon Karamanos 12 Jun '26

12 Jun '26

#### Pre-Submission Checklist    - [ ] Commit message has the format required by CONTRIBUTING guide - [ ] Commits are split per component (core, individual modules, libs, utils, ...) - [ ] Each component has a single commit (if not, squash them into one commit) - [ ] No commits to README files for modules (changes must be done to docbook files in `doc/` subfolder, the README file is autogenerated) #### Type Of Change - [ ] Small bug fix (non-breaking change which fixes an issue) - [ ] New feature (non-breaking change which adds new functionality) - [ ] Breaking change (fix or feature that would change existing functionality) #### Checklist:  - [ ] PR should be backported to stable branches - [ ] Tested changes locally - [ ] Related to issue #XXXX (replace XXXX with an open issue number) #### Description  You can view, comment on, or merge this pull request online at: https://github.com/kamailio/kamailio/pull/4588 -- Commit Summary -- * src: make: Remove src/ Makefiles including lib/modules * doc: make: Remove of Makefiles * misc: make: Remove Makefiles * test: make: Remove Makefiles * utils: make: Remove Makefiles -- File Changes -- D doc/docbook/Makefile (204) D doc/docbook/Makefile.module (4) D doc/tutorials/cfg_list/Makefile (352) D doc/tutorials/cfg_list/docbook/Makefile (15) D doc/tutorials/counter_list/Makefile (348) D doc/tutorials/counter_list/docbook/Makefile (15) D doc/tutorials/presence/Makefile (4) D doc/tutorials/rpc/Makefile (4) D doc/tutorials/rpc_list/Makefile (431) D doc/tutorials/rpc_list/docbook/Makefile (15) D doc/tutorials/select_list/Makefile (353) D doc/tutorials/select_list/docbook/Makefile (15) D doc/tutorials/ser_radius/Makefile (4) D doc/tutorials/serdev/Makefile (4) D doc/tutorials/serfaq/Makefile (4) D doc/tutorials/serhowto/Makefile (4) D doc/tutorials/seruser/Makefile (4) D doc/tutorials/sip/Makefile (4) D misc/extra/vim/Makefile (12) D misc/tools/pike_top/Makefile (10) D misc/tools/protoshoot/Makefile (30) D src/Makefile (1124) D src/Makefile.cfg (17) D src/Makefile.defs (2221) D src/Makefile.dirs (19) D src/Makefile.groups (549) D src/Makefile.libs (162) D src/Makefile.modules (293) D src/Makefile.radius (55) D src/Makefile.rules (296) D src/Makefile.shared (50) D src/Makefile.sources (30) D src/Makefile.targets (41) D src/Makefile.utils (153) D src/lib/Makefile (36) D src/lib/Makefile.defs (126) D src/lib/Makefile.nonser (32) D src/lib/doc/Makefile (4) D src/lib/ims/Makefile (15) D src/lib/srdb1/Makefile (9) D src/lib/srdb1/schema/Makefile (339) D src/lib/srdb2/Makefile (9) D src/lib/srdb2/schema/Makefile (97) D src/lib/trie/Makefile (9) D src/modules/acc/Makefile (11) D src/modules/acc/doc/Makefile (4) D src/modules/acc_diameter/Makefile (11) D src/modules/acc_diameter/doc/Makefile (4) D src/modules/acc_json/Makefile (25) D src/modules/acc_json/doc/Makefile (4) D src/modules/acc_radius/Makefile (13) D src/modules/acc_radius/doc/Makefile (4) D src/modules/alias_db/Makefile (13) D src/modules/alias_db/doc/Makefile (4) D src/modules/app_jsdt/Makefile (11) D src/modules/app_jsdt/doc/Makefile (4) D src/modules/app_lua/Makefile (89) D src/modules/app_lua/doc/Makefile (4) D src/modules/app_perl/Makefile (72) D src/modules/app_perl/doc/Makefile (4) D src/modules/app_python/Makefile (40) D src/modules/app_python/doc/Makefile (4) D src/modules/app_python3/Makefile (39) D src/modules/app_python3/doc/Makefile (4) D src/modules/app_python3s/Makefile (39) D src/modules/app_python3s/doc/Makefile (4) D src/modules/app_ruby/Makefile (39) D src/modules/app_ruby/doc/Makefile (4) D src/modules/app_ruby_proc/Makefile (39) D src/modules/app_ruby_proc/doc/Makefile (4) D src/modules/async/Makefile (9) D src/modules/async/doc/Makefile (4) D src/modules/auth/Makefile (17) D src/modules/auth/doc/Makefile (4) D src/modules/auth_arnacon/Makefile (32) D src/modules/auth_arnacon/doc/Makefile (6) D src/modules/auth_db/Makefile (12) D src/modules/auth_db/doc/Makefile (4) D src/modules/auth_diameter/Makefile (13) D src/modules/auth_diameter/doc/Makefile (4) D src/modules/auth_ephemeral/Makefile (43) D src/modules/auth_ephemeral/doc/Makefile (4) D src/modules/auth_radius/Makefile (28) D src/modules/auth_radius/doc/Makefile (4) D src/modules/auth_web3/Makefile (31) D src/modules/auth_web3/doc/Makefile (4) D src/modules/auth_xkeys/Makefile (9) D src/modules/auth_xkeys/doc/Makefile (4) D src/modules/avp/Makefile (12) D src/modules/avp/doc/Makefile (4) D src/modules/avpops/Makefile (12) D src/modules/avpops/doc/Makefile (4) D src/modules/benchmark/Makefile (18) D src/modules/benchmark/doc/Makefile (4) D src/modules/blst/Makefile (9) D src/modules/blst/doc/Makefile (4) D src/modules/call_control/Makefile (13) D src/modules/call_control/doc/Makefile (4) D src/modules/call_obj/Makefile (8) D src/modules/call_obj/doc/Makefile (4) D src/modules/carrierroute/Makefile (11) D src/modules/carrierroute/doc/Makefile (4) D src/modules/cdp/Makefile (34) D src/modules/cdp/doc/Makefile (4) D src/modules/cdp_avp/Makefile (7) D src/modules/cdp_avp/doc/Makefile (4) D src/modules/cfg_db/Makefile (11) D src/modules/cfg_db/doc/Makefile (4) D src/modules/cfg_rpc/Makefile (10) D src/modules/cfg_rpc/doc/Makefile (4) D src/modules/cfgt/Makefile (11) D src/modules/cfgt/doc/Makefile (4) D src/modules/cfgutils/Makefile (13) D src/modules/cfgutils/doc/Makefile (4) D src/modules/cnxcc/Makefile (50) D src/modules/cnxcc/doc/Makefile (4) D src/modules/corex/Makefile (9) D src/modules/corex/doc/Makefile (4) D src/modules/counters/Makefile (10) D src/modules/counters/doc/Makefile (4) D src/modules/cplc/Makefile (27) D src/modules/cplc/doc/Makefile (4) D src/modules/crypto/Makefile (35) D src/modules/crypto/doc/Makefile (4) D src/modules/ctl/Makefile (16) D src/modules/ctl/doc/Makefile (4) D src/modules/db2_ldap/Makefile (18) D src/modules/db2_ldap/doc/Makefile (4) D src/modules/db2_ops/Makefile (13) D src/modules/db2_ops/doc/Makefile (4) D src/modules/db_cluster/Makefile (10) D src/modules/db_cluster/doc/Makefile (4) D src/modules/db_flatstore/Makefile (9) D src/modules/db_flatstore/doc/Makefile (4) D src/modules/db_flatstore/km_doc/Makefile (4) D src/modules/db_mongodb/Makefile (28) D src/modules/db_mongodb/doc/Makefile (4) D src/modules/db_mysql/Makefile (69) D src/modules/db_mysql/doc/Makefile (4) D src/modules/db_oracle/Makefile (22) D src/modules/db_oracle/doc/Makefile (4) D src/modules/db_postgres/Makefile (55) D src/modules/db_postgres/doc/Makefile (4) D src/modules/db_redis/Makefile (81) D src/modules/db_redis/doc/Makefile (4) D src/modules/db_sqlite/Makefile (25) D src/modules/db_sqlite/doc/Makefile (4) D src/modules/db_text/Makefile (25) D src/modules/db_text/doc/Makefile (4) D src/modules/db_unixodbc/Makefile (27) D src/modules/db_unixodbc/doc/Makefile (4) D src/modules/debugger/Makefile (9) D src/modules/debugger/doc/Makefile (4) D src/modules/dialog/Makefile (9) D src/modules/dialog/doc/Makefile (4) D src/modules/dialplan/Makefile (22) D src/modules/dialplan/doc/Makefile (4) D src/modules/dispatcher/Makefile (14) D src/modules/dispatcher/doc/Makefile (4) D src/modules/diversion/Makefile (12) D src/modules/diversion/doc/Makefile (4) D src/modules/dlgs/Makefile (9) D src/modules/dlgs/doc/Makefile (4) D src/modules/dmq/Makefile (12) D src/modules/dmq/doc/Makefile (4) D src/modules/dmq_usrloc/Makefile (5) D src/modules/dmq_usrloc/doc/Makefile (4) D src/modules/dnssec/Makefile (16) D src/modules/dnssec/doc/Makefile (3) D src/modules/domain/Makefile (12) D src/modules/domain/doc/Makefile (4) D src/modules/domainpolicy/Makefile (12) D src/modules/domainpolicy/doc/Makefile (4) D src/modules/drouting/Makefile (9) D src/modules/drouting/doc/Makefile (4) D src/modules/enum/Makefile (12) D src/modules/enum/doc/Makefile (4) D src/modules/erlang/Makefile (26) D src/modules/erlang/doc/Makefile (4) D src/modules/evapi/Makefile (31) D src/modules/evapi/doc/Makefile (4) D src/modules/evrexec/Makefile (12) D src/modules/evrexec/doc/Makefile (4) D src/modules/exec/Makefile (12) D src/modules/exec/doc/Makefile (4) D src/modules/file_out/Makefile (8) D src/modules/file_out/doc/Makefile (4) D src/modules/gcrypt/Makefile (26) D src/modules/gcrypt/doc/Makefile (4) D src/modules/geoip/Makefile (9) D src/modules/geoip/doc/Makefile (4) D src/modules/geoip2/Makefile (10) D src/modules/geoip2/doc/Makefile (4) D src/modules/group/Makefile (12) D src/modules/group/doc/Makefile (4) D src/modules/gzcompress/Makefile (23) D src/modules/gzcompress/doc/Makefile (4) D src/modules/h350/Makefile (14) D src/modules/h350/doc/Makefile (4) D src/modules/htable/Makefile (12) D src/modules/htable/doc/Makefile (4) D src/modules/http_async_client/Makefile (44) D src/modules/http_async_client/doc/Makefile (4) D src/modules/http_client/Makefile (28) D src/modules/http_client/doc/Makefile (4) D src/modules/imc/Makefile (12) D src/modules/imc/doc/Makefile (4) D src/modules/ims_auth/Makefile (34) D src/modules/ims_auth/doc/Makefile (4) D src/modules/ims_charging/Makefile (16) D src/modules/ims_charging/doc/Makefile (4) D src/modules/ims_dialog/Makefile (9) D src/modules/ims_dialog/doc/Makefile (4) D src/modules/ims_diameter_server/Makefile (16) D src/modules/ims_diameter_server/doc/Makefile (4) D src/modules/ims_icscf/Makefile (29) D src/modules/ims_icscf/doc/Makefile (4) D src/modules/ims_ipsec_pcscf/Makefile (31) D src/modules/ims_ipsec_pcscf/doc/Makefile (4) D src/modules/ims_isc/Makefile (29) D src/modules/ims_isc/doc/Makefile (4) D src/modules/ims_ocs/Makefile (16) D src/modules/ims_ocs/doc/Makefile (4) D src/modules/ims_qos/Makefile (16) D src/modules/ims_qos/doc/Makefile (4) D src/modules/ims_qos_npn/Makefile (16) D src/modules/ims_qos_npn/doc/Makefile (4) D src/modules/ims_registrar_pcscf/Makefile (35) D src/modules/ims_registrar_pcscf/doc/Makefile (4) D src/modules/ims_registrar_scscf/Makefile (35) D src/modules/ims_registrar_scscf/doc/Makefile (4) D src/modules/ims_usrloc_pcscf/Makefile (11) D src/modules/ims_usrloc_pcscf/doc/Makefile (4) D src/modules/ims_usrloc_scscf/Makefile (11) D src/modules/ims_usrloc_scscf/doc/Makefile (4) D src/modules/influxdbc/Makefile (9) D src/modules/influxdbc/doc/Makefile (4) D src/modules/ipops/Makefile (13) D src/modules/ipops/doc/Makefile (4) D src/modules/jansson/Makefile (27) D src/modules/jansson/doc/Makefile (4) D src/modules/janssonrpcc/Makefile (24) D src/modules/janssonrpcc/doc/Makefile (4) D src/modules/janssonrpcc/unit_tests/Makefile (11) D src/modules/json/Makefile (33) D src/modules/json/doc/Makefile (4) D src/modules/jsonrpcc/Makefile (35) D src/modules/jsonrpcc/doc/Makefile (4) D src/modules/jsonrpcs/Makefile (11) D src/modules/jsonrpcs/doc/Makefile (4) D src/modules/jwt/Makefile (25) D src/modules/jwt/doc/Makefile (4) D src/modules/kafka/Makefile (23) D src/modules/kafka/doc/Makefile (4) D src/modules/kazoo/Makefile (39) D src/modules/kazoo/doc/Makefile (4) D src/modules/keepalive/Makefile (13) D src/modules/keepalive/doc/Makefile (4) D src/modules/kemix/Makefile (9) D src/modules/kemix/doc/Makefile (4) D src/modules/kex/Makefile (12) D src/modules/kex/doc/Makefile (4) D src/modules/lcr/Makefile (26) D src/modules/lcr/doc/Makefile (4) D src/modules/ldap/Makefile (24) D src/modules/ldap/doc/Makefile (4) D src/modules/log_custom/Makefile (8) D src/modules/log_custom/doc/Makefile (4) D src/modules/log_systemd/Makefile (23) D src/modules/log_systemd/doc/Makefile (4) D src/modules/lost/Makefile (43) D src/modules/lost/doc/Makefile (4) D src/modules/lrkproxy/Makefile (14) D src/modules/lrkproxy/doc/Makefile (4) D src/modules/lwsc/Makefile (25) D src/modules/lwsc/doc/Makefile (4) D src/modules/mangler/Makefile (12) D src/modules/mangler/doc/Makefile (4) D src/modules/math/Makefile (9) D src/modules/math/doc/Makefile (4) D src/modules/matrix/Makefile (8) D src/modules/matrix/doc/Makefile (4) D src/modules/maxfwd/Makefile (12) D src/modules/maxfwd/doc/Makefile (4) D src/modules/mediaproxy/Makefile (13) D src/modules/mediaproxy/doc/Makefile (4) D src/modules/memcached/Makefile (21) D src/modules/memcached/doc/Makefile (4) D src/modules/microhttpd/Makefile (23) D src/modules/microhttpd/doc/Makefile (4) D src/modules/misc_radius/Makefile (10) D src/modules/misc_radius/doc/Makefile (4) D src/modules/misctest/Makefile (12) D src/modules/misctest/doc/Makefile (4) D src/modules/mohqueue/Makefile (12) D src/modules/mohqueue/doc/Makefile (4) D src/modules/mqtt/Makefile (42) D src/modules/mqtt/doc/Makefile (4) D src/modules/mqueue/Makefile (9) D src/modules/mqueue/doc/Makefile (4) -- Patch Links -- https://github.com/kamailio/kamailio/pull/4588.patch https://github.com/kamailio/kamailio/pull/4588.diff -- Reply to this email directly or view it on GitHub: https://github.com/kamailio/kamailio/pull/4588 You are receiving this because you are subscribed to this thread. Message ID: <kamailio/kamailio/pull/4588(a)github.com>

6 25

[kamailio/kamailio] Permissions module: add locks support (PR #4539)
by Donat Zenichev 11 Jun '26

11 Jun '26

#### Pre-Submission Checklist    - [X] Commit message has the format required by CONTRIBUTING guide - [X] Commits are split per component (core, individual modules, libs, utils, ...) - [X] Each component has a single commit (if not, squash them into one commit) - [X] No commits to README files for modules (changes must be done to docbook files in `doc/` subfolder, the README file is autogenerated) #### Type Of Change - [ ] Small bug fix (non-breaking change which fixes an issue) - [X] New feature (non-breaking change which adds new functionality) - [ ] Breaking change (fix or feature that would change existing functionality) #### Checklist:  - [ ] PR should be backported to stable branches - [X] Tested changes locally - [ ] Related to issue #XXXX (replace XXXX with an open issue number) #### Description Move permissions module to work with hash tables instead of directly working with lists. Use locks to cover these hash tables. This allows to avoid using crutches alike 0039c50e83916, and gives a race-free usage of tables regardless the amount of data inserted into tables and regardless how many competitive reloads are pending at a time (e.g. 2-3 RPC commands sent at a time to reload same tables). Use hash indexes for a quicker lookup in buckets. Improve the mechanism of duplicate entries detection, use: the source ip, ruri pattern, from pattern and the protocol to detect existing similar entries. Add more safety checks in functions manipulating hash tables, like checking NULL pointers, empty patterns for matching purposes etc. Align return values in trusted/hash implementations so that return values are everywhere considered in the similar way (everything != 0 is considered as failure, 0 is considered as fine). Split tables allocation and initialization. Add destruction handlers for tables instead of manually handling entries freeing. Some other minor improvements. You can view, comment on, or merge this pull request online at: https://github.com/kamailio/kamailio/pull/4539 -- Commit Summary -- * permissions: remove the permissions reload rework * permissions: hash header, remove dangling declarations * permissions: support locked tables * permissions: module rework to support locks * permissions: remove unsed hash functions -- File Changes -- M src/modules/permissions/hash.c (566) M src/modules/permissions/hash.h (64) M src/modules/permissions/rpc.c (18) M src/modules/permissions/trusted.c (143) M src/modules/permissions/trusted.h (11) -- Patch Links -- https://github.com/kamailio/kamailio/pull/4539.patch https://github.com/kamailio/kamailio/pull/4539.diff -- Reply to this email directly or view it on GitHub: https://github.com/kamailio/kamailio/pull/4539 You are receiving this because you are subscribed to this thread. Message ID: <kamailio/kamailio/pull/4539(a)github.com>

4 25

[kamailio/kamailio] fix: the h350 module constructs ldap filters using s... in h350_exp_fn.c (PR #4750)
by OrbisAI Security 11 Jun '26

11 Jun '26

## Summary Fix high severity security issue in `src/modules/h350/h350_exp_fn.c`. ## Vulnerability | Field | Value | |-------|-------| | **ID** | V-004 | | **Severity** | HIGH | | **Scanner** | multi_agent_ai | | **Rule** | `V-004` | | **File** | `src/modules/h350/h350_exp_fn.c:38` | **Description**: The H350 module constructs LDAP filters using SIP URI values via string formatting with the H350_SIPURI_LOOKUP_LDAP_FILTER macro. While the variable name 'sip_uri_escaped' suggests some escaping is applied, the escaping mechanism may not cover all LDAP special characters per RFC 4515 (*, (, ), \, NUL), potentially allowing LDAP injection through crafted SIP headers. ## Changes - `src/modules/ldap/ldap_escape.c` - `src/modules/h350/h350_exp_fn.c` ## Verification - [x] Build passes - [x] Scanner re-scan confirms fix - [x] LLM code review passed --- *Automated security fix by [OrbisAI Security](https://orbisappsec.com)* You can view, comment on, or merge this pull request online at: https://github.com/kamailio/kamailio/pull/4750 -- Commit Summary -- * fix: V-004 security vulnerability -- File Changes -- M src/modules/h350/h350_exp_fn.c (4) M src/modules/ldap/ldap_escape.c (5) -- Patch Links -- https://github.com/kamailio/kamailio/pull/4750.patch https://github.com/kamailio/kamailio/pull/4750.diff -- Reply to this email directly or view it on GitHub: https://github.com/kamailio/kamailio/pull/4750 You are receiving this because you are subscribed to this thread. Message ID: <kamailio/kamailio/pull/4750(a)github.com>

3 5

[kamailio/kamailio] fix: add buffer-length check in kamcmd.c (PR #4753)
by OrbisAI Security 10 Jun '26

10 Jun '26

## Summary Fix critical severity security issue in `utils/kamcmd/kamcmd.c`. ## Vulnerability | Field | Value | |-------|-------| | **ID** | V-001 | | **Severity** | CRITICAL | | **Scanner** | multi_agent_ai | | **Rule** | `V-001` | | **File** | `utils/kamcmd/kamcmd.c:486` | | **CWE** | CWE-120 | **Description**: The code at kamcmd.c:486 uses strcpy to copy reply_socket into mysun.sun_path without bounds checking. The sun_path field in struct sockaddr_un is typically 108 bytes on Linux. If reply_socket exceeds this size, a stack-based buffer overflow occurs, potentially overwriting the return address and enabling arbitrary code execution. ## Changes - `utils/kamcmd/kamcmd.c` ## Verification - [x] Build passes - [x] Scanner re-scan confirms fix - [x] LLM code review passed ## Security Invariant > **Property**: Buffer reads never exceed the declared length <details> <summary>Regression test</summary> ```python import pytest import ctypes import os import sys # Simulate the sockaddr_un sun_path buffer size constraint # On Linux, sun_path is typically 108 bytes SUN_PATH_MAX = 108 def safe_copy_to_sun_path(reply_socket: str) -> bytes: """ Simulates the behavior that SHOULD happen when copying reply_socket into mysun.sun_path. Returns the bytes that would be written, or raises ValueError if the input exceeds the buffer size (secure behavior). """ encoded = reply_socket.encode('utf-8') if isinstance(reply_socket, str) else reply_socket # Secure implementation: reject or truncate oversized input if len(encoded) >= SUN_PATH_MAX: raise ValueError( f"reply_socket length {len(encoded)} exceeds sun_path buffer size {SUN_PATH_MAX - 1}" ) return encoded def validate_sun_path_length(reply_socket: str) -> bool: """ Returns True if the socket path is within safe bounds, False if it would cause a buffer overflow. """ encoded = reply_socket.encode('utf-8') if isinstance(reply_socket, str) else reply_socket # Must fit within SUN_PATH_MAX including null terminator return len(encoded) < SUN_PATH_MAX def simulate_strcpy_with_bounds_check(dest_buffer_size: int, src: str) -> bytes: """ Simulates strcpy with bounds checking. Raises BufferError if src exceeds dest_buffer_size (including null terminator). """ encoded = src.encode('utf-8') if isinstance(src, str) else src if len(encoded) + 1 > dest_buffer_size: raise BufferError( f"Source string length {len(encoded)} + null terminator exceeds " f"destination buffer size {dest_buffer_size}" ) result = bytearray(dest_buffer_size) result[:len(encoded)] = encoded result[len(encoded)] = 0 # null terminator return bytes(result) @pytest.mark.parametrize("payload", [ # Exactly at boundary (should be rejected - no room for null terminator) "A" * 108, # 2x the buffer size "A" * 216, # 10x the buffer size "A" * 1080, # 100x the buffer size "A" * 10800, # Path-like oversized input "/tmp/" + "a" * 200, # Path with special characters exceeding buffer "/var/run/" + "x" * 150, # Unicode-heavy oversized path "/tmp/" + "ñ" * 60, # multi-byte chars # Null bytes embedded in oversized string "/tmp/" + "A" * 103 + "\x00" + "B" * 50, # Format string characters in oversized input "%s" * 60, # Path traversal in oversized input "../" * 40 + "evil", # Exactly one byte over the limit "A" * 109, # Two bytes over the limit "A" * 110, # Large realistic-looking socket path "/var/run/kamailio/" + "socket_" + "x" * 100, # Mixed content oversized "/tmp/kam_" + "0123456789abcdef" * 10, # Whitespace-padded oversized " " * 200, # Newline-embedded oversized "A" * 50 + "\n" + "B" * 60, # Shell metacharacters in oversized input "$(echo " + "A" * 110 + ")", # Null-byte at start with oversized content "\x00" + "A" * 110, # Very large input (stress test) "Z" * 65536, ]) def test_sun_path_buffer_overflow_prevention(payload): """ Invariant: Buffer reads/writes to sun_path must never exceed the declared buffer length of SUN_PATH_MAX (108 bytes on Linux). Any input that would cause strcpy to write beyond this boundary must be rejected or safely truncated before the copy operation. No out-of-bounds access should occur. """ # Encode payload to get actual byte length (important for multi-byte chars) if isinstance(payload, str): encoded_payload = payload.encode('utf-8', errors='replace') else: encoded_payload = payload # INVARIANT CHECK 1: Validate that oversized inputs are detected # Any payload >= SUN_PATH_MAX bytes should be flagged as unsafe if len(encoded_payload) >= SUN_PATH_MAX: # The safe validation function must return False for oversized inputs assert not validate_sun_path_length(payload), ( f"SECURITY VIOLATION: validate_sun_path_length returned True for " f"payload of length {len(encoded_payload)} which exceeds " f"SUN_PATH_MAX={SUN_PATH_MAX}" ) # INVARIANT CHECK 2: safe_copy_to_sun_path must raise an error # (not silently overflow) for oversized inputs with pytest.raises((ValueError, BufferError, OverflowError)): safe_copy_to_sun_path(payload) # INVARIANT CHECK 3: simulate_strcpy_with_bounds_check must raise # BufferError for inputs that don't fit in the destination buffer with pytest.raises(BufferError): simulate_strcpy_with_bounds_check(SUN_PATH_MAX, payload) else: # For safe-sized inputs, operations should succeed result = safe_copy_to_sun_path(payload) assert len(result) < SUN_PATH_MAX, ( f"Result length {len(result)} must be less than SUN_PATH_MAX={SUN_PATH_MAX}" ) buf = simulate_strcpy_with_bounds_check(SUN_PATH_MAX, payload) assert len(buf) == SUN_PATH_MAX, ( f"Buffer should be exactly SUN_PATH_MAX={SUN_PATH_MAX} bytes" ) # Verify null terminator is present within bounds assert b'\x00' in buf, "Buffer must contain null terminator" null_pos = buf.index(b'\x00') assert null_pos < SUN_PATH_MAX, ( f"Null terminator at position {null_pos} must be within buffer bounds" ) @pytest.mark.parametrize("payload,expected_safe", [ # Safe inputs ("/tmp/kam.sock", True), ("/var/run/kamailio.sock", True), ("", True), ("A" * 107, True), # exactly fits with null terminator # Unsafe inputs ("A" * 108, False), # no room for null terminator ("A" * 109, False), ("/tmp/" + "x" * 104, False), ("B" * 1000, False), ]) def test_sun_path_boundary_conditions(payload, expected_safe): """ Invariant: The boundary between safe and unsafe socket path lengths must be strictly enforced at SUN_PATH_MAX-1 characters (107 bytes) to always leave room for the null terminator. """ result = validate_sun_path_length(payload) assert result == expected_safe, ( f"validate_sun_path_length('{payload[:20]}...') returned {result}, " f"expected {expected_safe} for payload of length " f"{len(payload.encode('utf-8'))}" ) if not expected_safe: # Confirm that attempting the copy raises an appropriate error with pytest.raises((ValueError, BufferError, OverflowError)): safe_copy_to_sun_path(payload) def test_sun_path_max_constant_is_correct(): """ Invariant: The SUN_PATH_MAX constant used for bounds checking must match the actual platform constraint (108 bytes on Linux). """ # Verify our constant matches the expected Linux value assert SUN_PATH_MAX == 108, ( f"SUN_PATH_MAX should be 108 on Linux, got {SUN_PATH_MAX}" ) # Verify that the maximum safe string length is SUN_PATH_MAX - 1 max_safe_string = "A" * (SUN_PATH_MAX - 1) assert validate_sun_path_length(max_safe_string), ( f"String of length {SUN_PATH_MAX - 1} should be safe" ) # Verify that SUN_PATH_MAX length string is unsafe unsafe_string = "A" * SUN_PATH_MAX assert not validate_sun_path_length(unsafe_string), ( f"String of length {SUN_PATH_MAX} should be unsafe (no room for null terminator)" ) ``` </details> This test guards against regressions — it's useful independent of the code change above. --- *Automated security fix by [OrbisAI Security](https://orbisappsec.com)* You can view, comment on, or merge this pull request online at: https://github.com/kamailio/kamailio/pull/4753 -- Commit Summary -- * fix: add buffer-length check in kamcmd.c -- File Changes -- A tests/test_invariant_kamcmd.py (193) M utils/kamcmd/kamcmd.c (15) -- Patch Links -- https://github.com/kamailio/kamailio/pull/4753.patch https://github.com/kamailio/kamailio/pull/4753.diff -- Reply to this email directly or view it on GitHub: https://github.com/kamailio/kamailio/pull/4753 You are receiving this because you are subscribed to this thread. Message ID: <kamailio/kamailio/pull/4753(a)github.com>

2 3

[kamailio/kamailio] presence: use same logic to calculate header length (PR #4749)
by Victor Seva 09 Jun '26

09 Jun '26

1 2

[kamailio/kamailio] Kamailio 5.8.8 fails to compile on Ubuntu 26.04 (Issue #4685)
by rodolfojcj 08 Jun '26

08 Jun '26

rodolfojcj created an issue (kamailio/kamailio#4685) ### Description Tried to compile Kamailio 5.8.8 on Ubuntu 26.04 I found that fails, showing this error output: CC (gcc) [kamailio] core/utils/tmrec.o bison -d -b core/cfg core/cfg.y flex -o core/lex.yy.c core/cfg.lex CC (gcc) [kamailio] core/lex.yy.o core/cfg.lex: In function ‘pp_define_env’: core/cfg.lex:2229:11: warning: assignment discards ‘const’ qualifier from pointer target type [-Wdiscarded-qualifiers] 2229 | r = strchr(text, '='); | ^ CC (gcc) [kamailio] core/cfg.tab.o LD (gcc) [kamailio] kamailio touch //sbin//kamailio install -m 755 kamailio //sbin/ mkdir -p //lib64/kamailio/modules make[2]: --libs: No such file or directory make[2]: --libs: No such file or directory make[2]: --libs: No such file or directory make[2]: --libs: No such file or directory CC (gcc) [M auth_ephemeral.so] auth_ephemeral_mod.o CC (gcc) [M auth_ephemeral.so] authorize.o CC (gcc) [M auth_ephemeral.so] checks.o LD (gcc) [M auth_ephemeral.so] auth_ephemeral.so touch //lib64/kamailio/modules/auth_ephemeral.so install -m 755 auth_ephemeral.so //lib64/kamailio/modules CC (gcc) [M app_perl.so] app_perl_mod.o CC (gcc) [M app_perl.so] perlfunc.o xsubpp -typemap `perl -MConfig -e 'print $Config{installprivlib}'`/ExtUtils/typemap -typemap typemap kamailioxs.xs > kamailioxs.c CC (gcc) [M app_perl.so] kamailioxs.o LD (gcc) [M app_perl.so] app_perl.so /usr/bin/x86_64-linux-gnu-ld.bfd: cannot find -lperl: No such file or directory collect2: error: ld returned 1 exit status make[2]: *** [../../Makefile.rules:191: app_perl.so] Error 1 make[1]: *** [Makefile:509: install-modules] Error 1 make[1]: Leaving directory '/usr/src/kamailio-5.8.8/src' make: *** [Makefile:43: install] Error 2 make: Leaving directory '/usr/src/kamailio-5.8.8' 'make -C kamailio-5.8.8 FLAVOUR=kamailio PREFIX=/ CC_OPT=-O2 include_modules='auth_ephemeral app_perl db_mysql tls websocket' cfg install' failed with 512. ### Additional Information - Ubuntu 26.04 (Resolute Raccoon), fresh installation. - Linux kernel 7.0.0-10-generic #10-Ubuntu SMP PREEMPT_DYNAMIC Thu Mar 19 10:24:42 UTC 2026 x86_64 GNU/Linux - Perl version: perl 5, version 40, subversion 1 (v5.40.1) built for x86_64-linux-gnu-thread-multi - gcc (Ubuntu 15.2.0-16ubuntu1) 15.2.0 Could you please review and prepare any needed fixes? Thank you. -- Reply to this email directly or view it on GitHub: https://github.com/kamailio/kamailio/issues/4685 You are receiving this because you are subscribed to this thread. Message ID: <kamailio/kamailio/issues/4685(a)github.com>

5 9

[kamailio/kamailio] dialog: add a new function to allow the removal of dialogs shared from dmq peers (PR #4754)
by Gustavo Almeida 05 Jun '26

05 Jun '26

#### Description In a scalable `Kamailio` architecture that uses `DMQ` to share dialogs (profiles, essentialy) between the peers, in some cases could make sense to remove dialogs that were created and synced from other peers. Example: If a peer goes down and didn't go up again (or in a feasible time), could make sense to remove its synced dialogs (example: `dmq` used to implement a shared dialog counter per provider). To allow it, a new function was introduced in `dialog` module: `dlg_remove_dialogs_from_node`. With the new `event_routes`: `peer-up` and `peer-up`, we can easily use this new function to clean the dialogs based on the peer state. #### Pre-Submission Checklist - [x] Commit message has the format required by CONTRIBUTING guide - [x] Commits are split per component (core, individual modules, libs, utils, ...) - [x] Each component has a single commit (if not, squash them into one commit) - [x] Code is formatted with `clang-format` using the config file `.clang-format` from source code folder - [x] No commits to README files for modules (changes must be done to docbook files in `doc/` subfolder, the README file is autogenerated) #### Type Of Change - [ ] Small bug fix (non-breaking change which fixes an issue) - [x] New feature (non-breaking change which adds new functionality) - [ ] Breaking change (fix or feature that would change existing functionality) #### Checklist: - [ ] PR should be backported to stable branches - [x] Tested changes locally - [ ] Related to issue You can view, comment on, or merge this pull request online at: https://github.com/kamailio/kamailio/pull/4754 -- Commit Summary -- * dialog: add new function dlg_remove_dialogs_from_node * dialog: update with master -- File Changes -- M src/modules/dialog/dialog.c (22) M src/modules/dialog/dlg_dmq.c (82) M src/modules/dialog/dlg_dmq.h (1) M src/modules/dialog/dlg_hash.c (2) M src/modules/dialog/dlg_hash.h (1) M src/modules/dialog/doc/dialog_admin.xml (40) -- Patch Links -- https://github.com/kamailio/kamailio/pull/4754.patch https://github.com/kamailio/kamailio/pull/4754.diff -- Reply to this email directly or view it on GitHub: https://github.com/kamailio/kamailio/pull/4754 You are receiving this because you are subscribed to this thread. Message ID: <kamailio/kamailio/pull/4754(a)github.com>

2 4

[kamailio/kamailio] htable dmqreplicate=1 causes all AVP to be deleted (Issue #4760)
by Benoît Panizzon 04 Jun '26

04 Jun '26

hb9eue created an issue (kamailio/kamailio#4760) Hi @miconda and @abalashov Issue as described in [SR-Users]: All AVP get deleted when a htable entry is added which is to be replicated to a peer via dmq. When dmqreplicate is set to 0 the issue does not happen. The issue is present no matter if the DMQ peer is reachable or not. Running Kamailio 6.1.2 from the Kamailo Repo for Ubuntu Noble. Issue was not observed with Kamailio 5.8 not tested with 6.0. Config to reproduce: ``` modparam("htable", "htable", "custprof=>size=8;autoexpire=3600;dmqreplicate=1") xlog("L_INFO", "0 testing is not yet set, value: $avp(testing) \n"); $avp(testing) = "I am a value"; xlog("L_INFO", "1 testing has value: $avp(testing) \n"); avp_print(); $sht(custprof=>"HTKEY") = "HTVALUE"; xlog("L_INFO", "2 testing has value: $avp(testing) \n"); avp_print(); xlog("L_INFO", "After avp_print\n"); ``` Log Output showing Issue: ``` 517228636 INVITE]<script>: 0 testing is not yet set, value: <null> 517228636 INVITE]<script>: 1 testing has value: I am a value 517228636 INVITE]avpops [avpops_impl.c:1333]: ops_print_avp(): p=0x7e27041e94b0, flags=0x0113 517228636 INVITE]avpops [avpops_impl.c:1336]: ops_print_avp(): #011#011#011name=<testing> 517228636 INVITE]avpops [avpops_impl.c:1342]: ops_print_avp(): #011#011#011val_str=<I am a value / 12> 517228636 INVITE]avpops [avpops_impl.c:1333]: ops_print_avp(): p=0x7e27041e7d20, flags=0x0113 [...] 517228636 INVITE]<script>: 2 testing has value: <null> 517228636 INVITE]<script>: After avp_print ``` After: $sht(custprof=>"HTKEY") = "HTVALUE"; there are not a single AVP remaining to be printed. debug level 3 shows xavp_destroy_list() being called a lot, possibly for each AVP? -Benoît- -- Reply to this email directly or view it on GitHub: https://github.com/kamailio/kamailio/issues/4760 You are receiving this because you are subscribed to this thread. Message ID: <kamailio/kamailio/issues/4760(a)github.com>

3 8

[kamailio/kamailio] Latency metrics (PR #4747)
by Daniel Donoghue 04 Jun '26

04 Jun '26

#### Pre-Submission Checklist - [x] Commit message has the format required by CONTRIBUTING guide - [x] Commits are split per component (core, individual modules, libs, utils, ...) - [x] Each component has a single commit (if not, squash them into one commit) - [x] Code is formatted with `clang-format` using the config file `.clang-format` from source code folder - [x] No commits to README files for modules (changes must be done to docbook files in `doc/` subfolder, the README file is autogenerated) #### Type Of Change - [ ] Small bug fix (non-breaking change which fixes an issue) - [x] New feature (non-breaking change which adds new functionality) - [ ] Breaking change (fix or feature that would change existing functionality) #### Checklist: - [x] PR should be backported to stable branches - [x] Tested changes locally - [ ] Related to issue #XXXX (replace XXXX with an open issue number) #### Description This PR adds sampled core route latency telemetry and exposes it via existing internal statistics, scrapeable through `xhttp_prom`. ### Commit split 1. `core: add sampled route latency telemetry and cfg knob` - adds route latency event payload and event IDs in core stats path - emits sampled request/reply route latency observations in receive path - derives reply method from CSeq and classifies reply status (1xx..6xx/other) - adds core config parameter `latency_sample_n` (default 1, min 1) - wires parameter through `cfg_core.{c,h}`, `cfg.y`, `cfg.lex` - documents core settings in `doc/tutorials/cfg_list/docbook/cfg_core.xml` 2. `kex: register and update route latency histogram stats` - registers bounded latency counters in `core` stats group as histogram-style bucket/sum/count series - request dimensions: `method` - reply dimensions: `method`, `status_class` 3. `xhttp_prom: export core route latency stats as labeled histogram series` - maps new core latency counters to Prometheus output with labels - exports `_bucket`, `_sum`, `_count` families - maps internal `inf` token to Prometheus `+Inf` - documents metric families and aggregation guidance in `src/modules/xhttp_prom/doc/xhttp_prom_admin.xml` 4. `devcontainer: add libxml2-utils for xmllint availability` - adds `libxml2-utils` for XML validation tooling in the Debian devcontainer ### Runtime behavior and compatibility - No route-script instrumentation is required. - No additional hot-path network sends are introduced. - Latency telemetry generation is tied to `core.latency_cfg_log` printable level. - `core.latency_sample_n` affects metric sampling only; it does not change existing latency log messages or thresholds. - Global request/reply latency views are available by aggregating labeled series in PromQL; detailed method/status breakdowns remain available. ### Validation performed - Formatted with repository `.clang-format`. - Built successfully in Debian devcontainer: - `make -C src -j4` ### Backport plan This change is intended for backport to `6.1` and `5.8` after master merge, using `git cherry-pick -x` per CONTRIBUTING guide. ### AI Disclosure Parts of this contribution were developed with assistance from an AI coding assistant. The assistant was used for implementation and documentation drafting. All generated content was reviewed, edited, and validated by me before submission, including: - code and commit structure review - formatting checks (`clang-format`) - local build validation (`make -C src -j4` in Debian devcontainer) You can view, comment on, or merge this pull request online at: https://github.com/kamailio/kamailio/pull/4747 -- Commit Summary -- * core: add sampled route latency telemetry and cfg knob * kex: register and update route latency histogram stats * xhttp_prom: export core route latency stats as labeled histogram series * devcontainer: add libxml2-utils for xmllint availability -- File Changes -- M .devcontainer/Dockerfile (3) M doc/tutorials/cfg_list/docbook/cfg_core.xml (25) M src/core/cfg.lex (2) M src/core/cfg.y (3) M src/core/cfg_core.c (3) M src/core/cfg_core.h (3) M src/core/core_stats.h (65) M src/core/receive.c (39) M src/modules/kex/core_stats.c (245) M src/modules/xhttp_prom/doc/xhttp_prom_admin.xml (32) M src/modules/xhttp_prom/prom.c (150) -- Patch Links -- https://github.com/kamailio/kamailio/pull/4747.patchhttps://github.com/kama… -- Reply to this email directly or view it on GitHub: https://github.com/kamailio/kamailio/pull/4747 You are receiving this because you are subscribed to this thread. Message ID: <kamailio/kamailio/pull/4747(a)github.com>

2 2

Jump to page:

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

sr-dev May 2026