[SR-Users] sanity from uri check

Daniel-Constantin Mierla miconda at gmail.com
Tue Mar 15 08:19:42 CET 2022


Just pushed a commit trying to catch this case. Can you test and see if
works?

Cheers,
Daniel

On 14.03.22 13:31, Juha Heinanen wrote:
> Daniel-Constantin Mierla writes:
>
>> I pushed a commit for it. The new function was defined only when memory
>> debug was on.
> Thanks, now build succeeded, but the malformed From URI was not detected
> by sanity_check().
>
> The sipp scenario that I use in the test is below.  The reason why I
> started to wonder about this is that I have seen attackers using it.
>
> -- Juha
>
> <?xml version="1.0" encoding="ISO-8859-1" ?>
> <!DOCTYPE scenario SYSTEM "sipp.dtd">
>
> <!-- sipp test.tutpro.com:5060 -s test -sf options-test.xml -m 1 -t t1 -->
>
> <scenario name="Options">
> <send>
>   <![CDATA[
>            OPTIONS sip:[service]@test.tutpro.com SIP/2.0
>            Via: SIP/2.0/[transport] [local_ip]:[local_port];branch=[branch]
>            Max-Forwards: 70
>            To: <sip:[service]@test.tutpro.com>
>            From: sipp <sip:@[local_ip]:[local_port]>;tag=[call_number]
>            Call-ID: [call_id]
>            CSeq: 1 OPTIONS
>            Contact: <sip:sipp@[local_ip]:[local_port]>
>            Accept: application/sdp
>            Content-Length: 0
>     ]]>
> </send>
>
> <recv response="200" rtd="true">
> </recv>
>
> <ResponseTimeRepartition value="10, 20, 30, 40, 50, 100, 150, 200"/>
> <CallLengthRepartition value="10, 50, 100, 500, 1000, 5000, 10000"/>
>
> </scenario>

-- 
Daniel-Constantin Mierla -- www.asipto.com
www.twitter.com/miconda -- www.linkedin.com/in/miconda
Kamailio Advanced Training - Online
  March 28-31, 2022 (Europe Timezone)
  * https://www.asipto.com/sw/kamailio-advanced-training-online/




More information about the sr-users mailing list