The bug I encountered was quite the corner case, I'm not surprised nobody's
noticed it. It's because the strings here are not zero-terminated by default, but
`parse_user_data` requires a zero-terminated string by virtue of documentation. The bug I
got was during diameter Cx registration termination requests with very specific XMLs being
received, I managed to hit a place that was passing a string that was not zero-terminated.
The end result was a failed check against the XML schema and the request being interpreted
as invalid.
I believe I've solved the issue fundamentally by using `xmlParseMemory` instead of
`xmlParseDoc` because the latter requires a zero-terminated string, while the former works
with a buffer length, which is exactly what the strings here do.
--
Reply to this email directly or view it on GitHub:
https://github.com/kamailio/kamailio/pull/3050#issuecomment-1064466446
You are receiving this because you are subscribed to this thread.
Message ID: <kamailio/kamailio/pull/3050/c1064466446(a)github.com>