From 4dc0593088419a73f1551a6d690e1cd5bfe1cc0e Mon Sep 17 00:00:00 2001 From: Benny Prijono Date: Wed, 2 Jun 2010 03:03:43 +0000 Subject: Fixed #1092 (Crash when receiving various messages with "Contact: *" header format) git-svn-id: http://svn.pjsip.org/repos/pjproject/trunk@3190 74dad513-b988-da41-8d7b-12977e46ad98 --- pjsip/src/pjsip-ua/sip_inv.c | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) (limited to 'pjsip/src/pjsip-ua') diff --git a/pjsip/src/pjsip-ua/sip_inv.c b/pjsip/src/pjsip-ua/sip_inv.c index eb2c20f3..94ec987e 100644 --- a/pjsip/src/pjsip-ua/sip_inv.c +++ b/pjsip/src/pjsip-ua/sip_inv.c @@ -750,6 +750,7 @@ PJ_DEF(pj_status_t) pjsip_inv_verify_request2(pjsip_rx_data *rdata, pjsip_allow_hdr *allow; pjsip_supported_hdr *sup_hdr; pjsip_require_hdr *req_hdr; + pjsip_contact_hdr *c_hdr; int code = 200; unsigned rem_option = 0; pj_status_t status = PJ_SUCCESS; @@ -784,6 +785,27 @@ PJ_DEF(pj_status_t) pjsip_inv_verify_request2(pjsip_rx_data *rdata, /* Init response header list */ pj_list_init(&res_hdr_list); + /* Check the Contact header */ + c_hdr = (pjsip_contact_hdr*) + pjsip_msg_find_hdr(msg, PJSIP_H_CONTACT, NULL); + if (!c_hdr || !c_hdr->uri) { + /* Missing Contact header or Contact contains "*" */ + pjsip_warning_hdr *w; + pj_str_t warn_text; + + warn_text = pj_str("Bad/missing Contact header"); + w = pjsip_warning_hdr_create(rdata->tp_info.pool, 399, + pjsip_endpt_name(endpt), + &warn_text); + if (w) { + pj_list_push_back(&res_hdr_list, w); + } + + code = PJSIP_SC_BAD_REQUEST; + status = PJSIP_ERRNO_FROM_SIP_STATUS(code); + goto on_return; + } + /* Check the request body, see if it's something that we support, * only when the body hasn't been parsed before. */ -- cgit v1.2.3