[SR-Users] sanity from uri check
Juha Heinanen
jh at tutpro.com
Mon Mar 14 13:31:48 CET 2022
Daniel-Constantin Mierla writes:
> I pushed a commit for it. The new function was defined only when memory
> debug was on.
Thanks, now build succeeded, but the malformed From URI was not detected
by sanity_check().
The sipp scenario that I use in the test is below. The reason why I
started to wonder about this is that I have seen attackers using it.
-- Juha
<?xml version="1.0" encoding="ISO-8859-1" ?>
<!DOCTYPE scenario SYSTEM "sipp.dtd">
<!-- sipp test.tutpro.com:5060 -s test -sf options-test.xml -m 1 -t t1 -->
<scenario name="Options">
<send>
<![CDATA[
OPTIONS sip:[service]@test.tutpro.com SIP/2.0
Via: SIP/2.0/[transport] [local_ip]:[local_port];branch=[branch]
Max-Forwards: 70
To: <sip:[service]@test.tutpro.com>
From: sipp <sip:@[local_ip]:[local_port]>;tag=[call_number]
Call-ID: [call_id]
CSeq: 1 OPTIONS
Contact: <sip:sipp@[local_ip]:[local_port]>
Accept: application/sdp
Content-Length: 0
]]>
</send>
<recv response="200" rtd="true">
</recv>
<ResponseTimeRepartition value="10, 20, 30, 40, 50, 100, 150, 200"/>
<CallLengthRepartition value="10, 50, 100, 500, 1000, 5000, 10000"/>
</scenario>
More information about the sr-users
mailing list