[tracker] Task opened: decode_contact() fails on certain legitimate request URIs - sr-dev

7 Jan 2013


      THIS IS AN AUTOMATED MESSAGE, DO NOT REPLY.
A new Flyspray task has been opened.  Details are below.
User who did this - Richard Brady (rnbrady)
Attached to Project - sip-router
Summary - decode_contact() fails on certain legitimate request URIs
Task Type - Bug Report
Category - Modules kamailio
Status - Unconfirmed
Assigned To - 
Operating System - Linux
Severity - Low
Priority - Normal
Reported Version - 3.3
Due in Version - Undecided
Due Date - Undecided
Details - Decode contact() fails decode_contact() fails on certain legitimate request URIs, such as:
sip:natted_ua*alice;day=tuesday**192.168.242.102*5060*udp@1.2.3.4
This is due to the semicolon in the userinfo part of the URI. The problem code is in the decode2format function in siputils/contact_ops.c:
if (((*pos) == '>')||(*pos == ';'))
                                {
                                /* invalid chars inside username part */
                                return -5;
                                }
The ABNF in RFC3261 makes it clear that a semicolon is ok in the user-info field:
userinfo         =  ( user / telephone-subscriber ) [ ":" password ] "@"
user             =  1*( unreserved / escaped / user-unreserved )
user-unreserved  =  "&" / "=" / "+" / "$" / "," / ";" / "?" / "/"
The code might be to check for the end of a URI (both those characters terminate a URI under certain circumstances), perhaps for fault tolerance and/or security but I don't think it's been done in a way that makes sense, for the following reasons:
1. An angle bracket is not legal in or surrounding a request URI, so it should be picked up by the parser and/or sanity check. 
2. A semicolon is totally legal in the userinfo part, as per ABNF above and also as explained in RFC3261:
    ...
    sip:alice;day=tuesday@atlanta.com
The last sample URI above has a user field value of
    "alice;day=tuesday".  The escaping rules defined above allow a
    semicolon to appear unescaped in this field.  For the purposes of
    this protocol, the field is opaque.  The structure of that value is
    only useful to the SIP element responsible for the resource.
More information can be found at the following URL:
http://sip-router.org/tracker/index.php?do=details&task_id=263
You are receiving this message because you have requested it from the Flyspray bugtracking system.  If you did not expect this message or don't want to receive mails in future, you can change your notification settings at the URL shown above.