diff options
author | George Joseph <george.joseph@fairview5.com> | 2015-04-23 08:16:45 -0600 |
---|---|---|
committer | George Joseph <george.joseph@fairview5.com> | 2015-04-23 10:51:29 -0600 |
commit | f70d21b2cf15e9b84beb1f495362cd896c520a9b (patch) | |
tree | e30be2bad29a3d292ca3f8fbee95ef52c85bcb88 | |
parent | a06924e9d960222df5a6862f7a03c45724386ce8 (diff) |
res_pjsip: Validate that contact uris start with sip: or sips:
Currently we use pjsip_parse_hdr to validate contact uris but it
appears that it allows uris without a scheme if there's a port
supplied. I.E myexample.com will fail but myexample.com:5060 will
pass even though it has no scheme. This causes SEGVs later on
whenever the uri is used.
To prevent this, permanent_contact_validate has been updated to check
that the scheme is either 'sip' or 'sips'.
2 uses of possibly-null endpoint have also been fixed in
create_out_of_dialog_request.
ASTERISK-24999
Change-Id: Ifc17d16a4923e1045d37fe51e43bbe29fa556ca2
Reported-by: Brad Latus
-rw-r--r-- | res/res_pjsip.c | 6 | ||||
-rw-r--r-- | res/res_pjsip/location.c | 11 |
2 files changed, 11 insertions, 6 deletions
diff --git a/res/res_pjsip.c b/res/res_pjsip.c index 7bf6486f5..bde0de1ec 100644 --- a/res/res_pjsip.c +++ b/res/res_pjsip.c @@ -2717,7 +2717,8 @@ static int create_out_of_dialog_request(const pjsip_method *method, struct ast_s if (sip_dialog_create_from(pool, &from, endpoint ? endpoint->fromuser : NULL, endpoint ? endpoint->fromdomain : NULL, &remote_uri, &selector)) { ast_log(LOG_ERROR, "Unable to create From header for %.*s request to endpoint %s\n", - (int) pj_strlen(&method->name), pj_strbuf(&method->name), ast_sorcery_object_get_id(endpoint)); + (int) pj_strlen(&method->name), pj_strbuf(&method->name), + endpoint ? ast_sorcery_object_get_id(endpoint) : "<none>"); pjsip_endpt_release_pool(ast_sip_get_pjsip_endpoint(), pool); return -1; } @@ -2725,7 +2726,8 @@ static int create_out_of_dialog_request(const pjsip_method *method, struct ast_s if (pjsip_endpt_create_request(ast_sip_get_pjsip_endpoint(), method, &remote_uri, &from, &remote_uri, &from, NULL, -1, NULL, tdata) != PJ_SUCCESS) { ast_log(LOG_ERROR, "Unable to create outbound %.*s request to endpoint %s\n", - (int) pj_strlen(&method->name), pj_strbuf(&method->name), ast_sorcery_object_get_id(endpoint)); + (int) pj_strlen(&method->name), pj_strbuf(&method->name), + endpoint ? ast_sorcery_object_get_id(endpoint) : "<none>"); pjsip_endpt_release_pool(ast_sip_get_pjsip_endpoint(), pool); return -1; } diff --git a/res/res_pjsip/location.c b/res/res_pjsip/location.c index 21650417f..45370dd24 100644 --- a/res/res_pjsip/location.c +++ b/res/res_pjsip/location.c @@ -290,6 +290,8 @@ static int permanent_contact_validate(void *data) pj_pool_t *pool; pj_str_t contact_uri; static const pj_str_t HCONTACT = { "Contact", 7 }; + pjsip_contact_hdr *contact_hdr; + int rc = 0; pool = pjsip_endpt_create_pool(ast_sip_get_pjsip_endpoint(), "Permanent Contact Validation", 256, 256); if (!pool) { @@ -297,13 +299,14 @@ static int permanent_contact_validate(void *data) } pj_strdup2_with_null(pool, &contact_uri, value); - if (!pjsip_parse_hdr(pool, &HCONTACT, contact_uri.ptr, contact_uri.slen, NULL)) { - pjsip_endpt_release_pool(ast_sip_get_pjsip_endpoint(), pool); - return -1; + if (!(contact_hdr = pjsip_parse_hdr(pool, &HCONTACT, contact_uri.ptr, contact_uri.slen, NULL)) + || !(PJSIP_URI_SCHEME_IS_SIP(contact_hdr->uri) + || PJSIP_URI_SCHEME_IS_SIPS(contact_hdr->uri))) { + rc = -1; } pjsip_endpt_release_pool(ast_sip_get_pjsip_endpoint(), pool); - return 0; + return rc; } static int permanent_uri_sort_fn(const void *obj_left, const void *obj_right, int flags) |