[sr-dev] git:master:e6950ffb: topoh: detect when via param is shorter than expected prefix

Daniel-Constantin Mierla miconda at gmail.com
Mon Mar 4 09:26:15 CET 2019


Module: kamailio
Branch: master
Commit: e6950ffb1985493e717e3d774eddad779aed1514
URL: https://github.com/kamailio/kamailio/commit/e6950ffb1985493e717e3d774eddad779aed1514

Author: Daniel-Constantin Mierla <miconda at gmail.com>
Committer: Daniel-Constantin Mierla <miconda at gmail.com>
Date: 2019-03-04T09:25:58+01:00

topoh: detect when via param is shorter than expected prefix

---

Modified: src/modules/topoh/th_msg.c

---

Diff:  https://github.com/kamailio/kamailio/commit/e6950ffb1985493e717e3d774eddad779aed1514.diff
Patch: https://github.com/kamailio/kamailio/commit/e6950ffb1985493e717e3d774eddad779aed1514.patch

---

diff --git a/src/modules/topoh/th_msg.c b/src/modules/topoh/th_msg.c
index 8b8d278b25..e03b3653fa 100644
--- a/src/modules/topoh/th_msg.c
+++ b/src/modules/topoh/th_msg.c
@@ -418,12 +418,17 @@ int th_unmask_via(sip_msg_t *msg, str *cookie)
 					LM_ERR("cannot find param in via %d\n", i);
 					return -1;
 				}
-				if(i==2)
+				if(vp->value.len <= th_vparam_prefix.len) {
+					LM_ERR("invalid param len in via %d\n", i);
+					return -1;
+				}
+				if(i==2) {
 					out.s = th_mask_decode(vp->value.s, vp->value.len,
 							&th_vparam_prefix, CRLF_LEN+1, &out.len);
-				else
+				} else {
 					out.s = th_mask_decode(vp->value.s, vp->value.len,
 							&th_vparam_prefix, 0, &out.len);
+				}
 				if(out.s==NULL || out.len<=0)
 				{
 					LM_ERR("cannot decode via %d\n", i);
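Review bot: The new guard `if(vp->value.len <= th_vparam_prefix.len)` compares lengths only; nothing in this hunk confirms that vp->value.s actually begins with th_vparam_prefix before th_mask_decode() is called with that prefix. If th_mask_decode() does not verify the prefix itself, consider adding a prefix comparison next to the length test, so that a Via parameter that is long enough but lacks the expected prefix is rejected here with the same error path. The message `invalid param len in via %d` would also be easier to act on if it logged vp->value.len and th_vparam_prefix.len, since the value comes from the received message and a short one is worth diagnosing. Finally, the commit message has no body: one sentence on what th_mask_decode() did with a too-short value before this check would help anyone deciding whether to backport.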



