[Serusers] Buffer overflow?

sip sip at arcdiv.com
Thu May 25 21:14:30 CEST 2006


I'm fine with seeing the message as long as it's not something to worry about.
 It IS a bit confusing to see an ERROR: warning_builder... followed by a
WARNING: warning skipped.  I think that could be worded better. Why send a
warning that you're not warning anyone? 

I also think it's generally probably not the world's best idea to do whatever
it is that UA is doing... sending information about multiple logins to a
single proxy.  Seems like it could be a security concern there. 

I've dropped the UA makers a note and asked them to clarify just why it is
they're including their own username/proxy info in requests to our proxy
through their UA as WELL as our username/proxy info. 

All rather bizarre. 

N.


On Thu, 25 May 2006 20:56:29 +0200, Jiri Kuthan wrote
> first of all a terminological clarification: there is nothing like a 
> buffer overflow here. If there was such a buffer overlow SER would 
> have crashed and not issed warning.
> 
> What is says is that the request is so long that a reply which would 
> include Warning header field would be pretty much long too and thus 
> the Warning is just skipped.
> 
> If you don't like the error message, turn off the warning header 
> field configuration option.
> 
> On SER side, I think this should be made a WARNING and not ERROR --
>  that's too confusing.
> 
> -jiri
> 
> At 18:57 25/05/2006, sip wrote:
> >Not sure if the to/from headers are the ones causing the issue, nor am I
> >really sure why the to/from headers even look that way or what client is
> >causing that.
> >
> >What I want to know more is what part of the ser code is causing the buffer
> >overflow warnings.... and how it can be fixed.
> >
> >N.
> >
> >On Thu, 25 May 2006 23:24:14 +0700, Andrey Kouprianov wrote
> >> Maybe Request-URI? Look very long and "unnormal". But that's just a guess...
> >> 
> >> On 5/25/06, sip <sip at arcdiv.com> wrote:
> >> > I recently started seeing this in the logs right after a registration
attempt
> >> > from a user who's a on our system, but is somehow storing contact info
for a
> >> > different username on a different service:
> >> >
> >> >
> >> > May 25 12:03:52 death ser[22235]: ERROR: warning_builder: buffer size
exceeded
> >> > May 25 12:03:52 death ser[22235]: WARNING: warning skipped -- too big
> >> >
> >> >
> >> > The register packet that caused it was:
> >> >
> >> >
> >> >
> >> > REGISTER
> >> > sip:proxy.ideasip.com:5060;g_id=17476253781;g_dom=proxy01.sipphone.com
> >SIP/2.0.
> >> > Record-Route: <sip:198.65.XXX.XXX;ftag=31839881;lr>.
> >> > Via: SIP/2.0/UDP 198.65.XXX.XXX;branch=z9hG4bK1033.75ea1c43.0.
> >> > Via: SIP/2.0/UDP
> >> >
>
>192.168.1.18:36560;received=69.91.XXX.XXX;branch=z9hG4bK-d87543-5e7fc69802da2376-1--d87543-;rport=33028.
> >> > Max-Forwards: 69.
> >> > Contact: <sip:1747625XXXX at proxy01.sipphone.com:5060>.
> >> > To:
> >> >
>
><sip:1101201XXXX at proxy.ideasip.com:5060;g_id=1747625XXXX;g_dom=proxy01.sipphone.com>.
> >> > From:
> >> >
>
><sip:1101201XXXX at proxy.ideasip.com:5060;g_id=1747625XXXX;g_dom=proxy01.sipphone.com>;tag=31839881.
> >> > Call-ID: 7dffe5df6f2a521a at YW50ZXJvb21lbWFjLmxvY2Fs.
> >> > CSeq: 40 REGISTER.
> >> > Expires: 1800.
> >> > Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, INFO, NOTIFY, MESSAGE.
> >> > Supported: ICE.
> >> > User-Agent: MacGizmo (Gizmo-s2n1)/1.5.
> >> > Authorization: Digest
> >> >
>
>username="1101201XXXX",realm="proxy.ideasip.com",nonce="4475d66395235de62215f7d44f9dbafc068050f7",uri="sip:proxy.ideasip.com:5060;g_id=1747625XXXX;g_dom=proxy01.sipphone.com",response="2a56661c46fdac2129de3100014e5753",cnonce="aab804aa999687b7",nc=00000003,qop=auth,algorithm=MD5.
> >> > Content-Length: 0.
> >> > P-hint: outbound.
> >> >
> >> >
> >> >
> >> > Any idea what's throwing the error and what causes it?
> >> >
> >> >
> >> > N.
> >> > _______________________________________________
> >> > Serusers mailing list
> >> > Serusers at lists.iptel.org
> >> > http://lists.iptel.org/mailman/listinfo/serusers
> >> >
> >> _______________________________________________
> >> Serusers mailing list
> >> Serusers at lists.iptel.org
> >> http://lists.iptel.org/mailman/listinfo/serusers
> >_______________________________________________
> >Serusers mailing list
> >Serusers at lists.iptel.org
> >http://lists.iptel.org/mailman/listinfo/serusers
> 
> --
> Jiri Kuthan            http://iptel.org/~jiri/




More information about the sr-users mailing list