[Devel] [Fwd: [Serdev] CVS:commitlog: sip_router/modules/usrloc
ucontact.c]
Klaus Darilion
klaus.mailinglists at pernau.at
Mon Jan 23 11:44:57 CET 2006
I think this update is also interesting for openser
regards
klaus
-------- Original Message --------
Subject: [Serdev] CVS:commitlog: sip_router/modules/usrloc ucontact.c
Date: Fri, 20 Jan 2006 19:27:43 +0100
From: Maxim Sobolev <sobomax at portaone.com>
To: serdev at iptel.org
sobomax 2006/01/20 19:27:43 CET
SER CVS Repository
Modified files:
modules/usrloc ucontact.c
Log:
When inserting/updating contacts in the DB make sure to not overflow
column
limit for user_agent, contact and callid columns. Otherwise the UA
can cause
DoS by sending (intentionally or not) value exceeding column limit in
any of the corresponding header fields. It is also probably an issue with
error-handling (or lack of thereof) in particular DB backends, but on
0.9.3 with postgresql backend such unchecked insert causes segfault.
Revision Changes Path
1.45 +13 -8 sip_router/modules/usrloc/ucontact.c
http://cvs.berlios.de/cgi-bin/viewcvs.cgi/ser/sip_router/modules/usrloc/ucontact.c.diff?r1=1.44&r2=1.45
_______________________________________________
Serdev mailing list
Serdev at iptel.org
http://mail.iptel.org/mailman/listinfo/serdev
More information about the Devel
mailing list