[sr-dev] git:master:e26aca34: Merge pull request #1052 from claudiupb/topoh_safetychecks

Mon Apr 3 15:42:27 CEST 2017

Module: kamailio
Branch: master
Commit: e26aca34fc41601ec34e17547d6572a1b2ba365a
URL: https://github.com/kamailio/kamailio/commit/e26aca34fc41601ec34e17547d6572a1b2ba365a

Author: Daniel-Constantin Mierla <miconda at gmail.com>
Committer: GitHub <noreply at github.com>
Date: 2017-04-03T15:42:23+02:00

Merge pull request #1052 from claudiupb/topoh_safetychecks

topoh: add additional safety checks

---

Modified: src/modules/topoh/th_msg.c

---

Diff:  https://github.com/kamailio/kamailio/commit/e26aca34fc41601ec34e17547d6572a1b2ba365a.diff
Patch: https://github.com/kamailio/kamailio/commit/e26aca34fc41601ec34e17547d6572a1b2ba365a.patch

---

diff --git a/src/modules/topoh/th_msg.c b/src/modules/topoh/th_msg.c
index a320c4a..a1f117e3 100644
--- a/src/modules/topoh/th_msg.c
+++ b/src/modules/topoh/th_msg.c
@@ -390,6 +390,14 @@ int th_unmask_via(sip_msg_t *msg, str *cookie)
 			LM_DBG("body: %d: [%.*s]\n", vlen, vlen, via->name.s);
 			if(i!=1)
 			{
+				/* Skip if via is not encoded */
+				if (via->host.len!=th_ip.len
+						|| strncasecmp(via->host.s, th_ip.s, th_ip.len)!=0)
+				{
+					LM_DBG("via %d is not encoded",i);
+					continue;
+				}
+
 				vp = th_get_via_param(via, &th_vparam_name);
 				if(vp==NULL)
 				{
@@ -404,7 +412,7 @@ int th_unmask_via(sip_msg_t *msg, str *cookie)
 							&th_vparam_prefix, 0, &out.len);
 				if(out.s==NULL)
 				{
-					LM_ERR("cannot encode via %d\n", i);
+					LM_ERR("cannot decode via %d\n", i);
 					return -1;
 				}
 					
@@ -475,6 +483,14 @@ int th_unmask_callid(sip_msg_t *msg)
 		LM_ERR("cannot get Call-Id header\n");
 		return -1;
 	}
+
+	/* Do nothing if call-id is not encoded */
+	if ((msg->callid->body.len<th_callid_prefix.len) ||
+			(strncasecmp(msg->callid->body.s,th_callid_prefix.s,th_callid_prefix.len)!=0))
+	{
+		LM_DBG("call-id [%.*s] not encoded",msg->callid->body.len,msg->callid->body.s);
+		return 0;
+	}
 				
 	out.s = th_mask_decode(msg->callid->body.s, msg->callid->body.len,
 					&th_callid_prefix, 0, &out.len);
@@ -670,6 +686,15 @@ int th_unmask_route(sip_msg_t *msg)
 			i++;
 			if(i!=1)
 			{
+				/* Skip if route is not encoded */
+				if ((rr->nameaddr.uri.len<th_uri_prefix.len) ||
+						(strncasecmp(rr->nameaddr.uri.s,th_uri_prefix.s,th_uri_prefix.len)!=0))
+				{
+					LM_DBG("rr %d is not encoded: [%.*s]",i,rr->nameaddr.uri.len,rr->nameaddr.uri.s);
+					rr = rr->next;
+					continue;
+				}
+
 				if(th_get_uri_param_value(&rr->nameaddr.uri, &th_uparam_name,
 							&eval)<0 || eval.len<=0)
 					return -1;
@@ -710,6 +735,14 @@ int th_unmask_ruri(sip_msg_t *msg)
 	struct lump* l;
 	str out;
 
+	/* Do nothing if ruri is not encoded */
+	if ((REQ_LINE(msg).uri.len<th_uri_prefix.len) ||
+			(strncasecmp(REQ_LINE(msg).uri.s,th_uri_prefix.s,th_uri_prefix.len)!=0))
+	{
+		LM_DBG("ruri [%.*s] is not encoded",REQ_LINE(msg).uri.len,REQ_LINE(msg).uri.s);
+		return 0;
+	}
+
 	if(th_get_uri_param_value(&REQ_LINE(msg).uri, &th_uparam_name, &eval)<0
 			|| eval.len<=0)
 		return -1;
@@ -763,6 +796,15 @@ int th_unmask_refer_to(sip_msg_t *msg)
 	}
 
 	uri = &(get_refer_to(msg)->uri);
+
+	/* Do nothing if refer_to is not encoded */
+	if ((uri->len<th_uri_prefix.len)
+			|| (strncasecmp(uri->s, th_uri_prefix.s, th_uri_prefix.len)!=0))
+	{
+		LM_DBG("refer-to [%.*s] is not encoded",uri->len,uri->s);
+		return 0;
+	}
+
 	if(th_get_uri_param_value(uri, &th_uparam_name, &eval)<0
 			|| eval.len<=0)
 		return -1;


