kenmirrors/asterisk
1
0
Fork 0
mirror of https://github.com/asterisk/asterisk.git synced 2025-09-02 19:16:15 +00:00
Code Issues Packages Projects Releases Wiki Activity

res_pjsip: Use reasonable buffer lengths for endpoint identification

Browse Source 
Domains themselves can be up to 255 characters long (per RFC 1035), so
our current buffer sizes are wholly inadequate for many use cases.

Change-Id: If3f30a68307f1365a1fe06bc4b854c62842c9292
This commit is contained in:
Sean Bright
2017-11-17 10:57:54 -05:00
parent 4181b6f377
commit 1b6e4c1175
2 changed files with 13 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
res/res_pjsip_endpoint_identifier_anonymous.c
View File

@@ -56,9 +56,11 @@ static int find_transport_state_in_use(void *obj, void *arg, int flags)
return 0;
}
#define DOMAIN_NAME_LEN 255
static struct ast_sip_endpoint *anonymous_identify(pjsip_rx_data *rdata)
{
char domain_name[64], id[AST_UUID_STR_LEN];
char domain_name[DOMAIN_NAME_LEN + 1];
struct ast_sip_endpoint *endpoint;
RAII_VAR(struct ast_sip_domain_alias *, alias, NULL, ao2_cleanup);
RAII_VAR(struct ao2_container *, transport_states, NULL, ao2_cleanup);
@@ -70,6 +72,8 @@ static struct ast_sip_endpoint *anonymous_identify(pjsip_rx_data *rdata)
}
if (!ast_sip_get_disable_multi_domain()) {
char id[sizeof("anonymous@") + DOMAIN_NAME_LEN];
/* Attempt to find the endpoint given the name and domain provided */
snprintf(id, sizeof(id), "anonymous@%s", domain_name);
if ((endpoint = ast_sorcery_retrieve_by_id(ast_sip_get_sorcery(), "endpoint", id))) {

12
res/res_pjsip_endpoint_identifier_user.c
View File

@@ -74,10 +74,12 @@ static int find_transport_state_in_use(void *obj, void *arg, int flags)
return 0;
}
#define DOMAIN_NAME_LEN 255
#define USERNAME_LEN 255
static struct ast_sip_endpoint *find_endpoint(pjsip_rx_data *rdata, char *endpoint_name,
char *domain_name)
{
char id[AST_UUID_STR_LEN];
struct ast_sip_endpoint *endpoint;
RAII_VAR(struct ast_sip_domain_alias *, alias, NULL, ao2_cleanup);
RAII_VAR(struct ao2_container *, transport_states, NULL, ao2_cleanup);
@@ -85,6 +87,8 @@ static struct ast_sip_endpoint *find_endpoint(pjsip_rx_data *rdata, char *endpoi
RAII_VAR(struct ast_sip_transport *, transport, NULL, ao2_cleanup);
if (!ast_sip_get_disable_multi_domain()) {
char id[DOMAIN_NAME_LEN + USERNAME_LEN + sizeof("@")];
/* Attempt to find the endpoint given the name and domain provided */
snprintf(id, sizeof(id), "%s@%s", endpoint_name, domain_name);
if ((endpoint = ast_sorcery_retrieve_by_id(ast_sip_get_sorcery(), "endpoint", id))) {
@@ -116,8 +120,8 @@ static struct ast_sip_endpoint *find_endpoint(pjsip_rx_data *rdata, char *endpoi
static struct ast_sip_endpoint *username_identify(pjsip_rx_data *rdata)
{
char username[64];
char domain[64];
char username[USERNAME_LEN + 1];
char domain[DOMAIN_NAME_LEN + 1];
struct ast_sip_endpoint *endpoint;
if (get_from_header(rdata, username, sizeof(username), domain, sizeof(domain))) {
@@ -149,7 +153,7 @@ static struct ast_sip_endpoint *username_identify(pjsip_rx_data *rdata)
static struct ast_sip_endpoint *auth_username_identify(pjsip_rx_data *rdata)
{
char username[64], realm[64];
char username[USERNAME_LEN + 1], realm[DOMAIN_NAME_LEN + 1];
struct ast_sip_endpoint *endpoint;
pjsip_authorization_hdr *auth_header = NULL;