[sr-dev] [kamailio/kamailio] topoh: add additional safety checks (#1052)

Paul Claudiu Boriga notifications at github.com
Mon Apr 3 14:55:32 CEST 2017


Hello,

I have added some extra verifications to the th_unmask* functions from topoh. The changes add statements which verify that headers contain expected prefix (including mask ip) before trying to unmask them. It seems that some of the th_unmask* functions only check that the headers exist, and then they directly call th_mask_decode on the data.

If other messages that are not encoded by topoh are processed by this function, th_mask_decode may not return an error, and instead create an unreadable string and this is added to the message. Therefore I added some additional checks to see that the message has the expected prefix (or when possible check directly that the host IP is the mask_ip set), if the header does not have the expected form then unmasking is not attempted. 

Thanks, 
Claudiu Boriga.
You can view, comment on, or merge this pull request online at:

  https://github.com/kamailio/kamailio/pull/1052

-- Commit Summary --

  * topoh: add additional safety checks

-- File Changes --

    M src/modules/topoh/th_msg.c (44)

-- Patch Links --

https://github.com/kamailio/kamailio/pull/1052.patch
https://github.com/kamailio/kamailio/pull/1052.diff

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/kamailio/kamailio/pull/1052
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sip-router.org/pipermail/sr-dev/attachments/20170403/8a56e116/attachment.html>


More information about the sr-dev mailing list