From 63b53233c75648ca091441f31b743e7f89401e31 Mon Sep 17 00:00:00 2001
From: Henri Herscher <henri@oreka.org>
Date: Fri, 12 May 2006 20:33:48 +0000
Subject: Skinny messages now sanity checked.

git-svn-id: https://oreka.svn.sourceforge.net/svnroot/oreka/trunk@228 09dcff7a-b715-0410-9601-b79a96267cd0
---
 .../audiocaptureplugins/voip/PacketHeaderDefs.cpp  | 70 ++++++++++++++++++++++
 .../audiocaptureplugins/voip/PacketHeaderDefs.h    | 22 +++++--
 orkaudio/audiocaptureplugins/voip/VoIp.cpp         | 54 ++++++++++++-----
 3 files changed, 127 insertions(+), 19 deletions(-)

diff --git a/orkaudio/audiocaptureplugins/voip/PacketHeaderDefs.cpp b/orkaudio/audiocaptureplugins/voip/PacketHeaderDefs.cpp
index cb9b53d..2d3cfe3 100644
--- a/orkaudio/audiocaptureplugins/voip/PacketHeaderDefs.cpp
+++ b/orkaudio/audiocaptureplugins/voip/PacketHeaderDefs.cpp
@@ -51,3 +51,73 @@ CStdString SkinnyMessageToString(int msgEnum)
 	}
 	return msgString;
 }
+
+
+bool SkinnyValidateStartMediaTransmission(SkStartMediaTransmissionStruct* smt)
+{
+	bool valid = true;
+	if (smt->remoteTcpPort > 65535)
+	{
+		valid = false;
+	}
+	return valid;
+}
+
+bool checkPartyString(char* string, int size)
+{
+	bool valid = false;
+	bool invalidCharFound = false;
+	bool endOfStringFound = false;
+	for(int i=0; i<size && invalidCharFound == false && endOfStringFound == false; i++)
+	{
+		if(string[i] == 0)
+		{
+			endOfStringFound = true;
+		}
+		else if(string[i] > 122 || string[i] < 32)
+		{
+			invalidCharFound = true;
+		}
+	}
+	if(invalidCharFound == false && endOfStringFound == true)
+	{
+		valid = true;
+	}
+	return valid;
+}
+
+bool SkinnyValidateCallInfo(SkCallInfoStruct* sci)
+{
+	bool valid = true;
+	if (sci->callType > SKINNY_CALL_TYPE_FORWARD)
+	{
+		valid = false;
+	}
+	if(valid)
+	{
+		valid = checkPartyString(sci->calledParty, SKINNY_CALLED_PARTY_SIZE);
+	}
+	if(valid)
+	{
+		valid = checkPartyString(sci->callingParty, SKINNY_CALLING_PARTY_SIZE);
+	}
+	if(valid)
+	{
+		valid = checkPartyString(sci->calledPartyName, SKINNY_CALLED_PARTY_NAME_SIZE);
+	}
+	if(valid)
+	{
+		valid = checkPartyString(sci->callingPartyName, SKINNY_CALLING_PARTY_NAME_SIZE);
+	}
+	return valid;
+}
+
+bool SkinnyValidateOpenReceiveChannelAck(SkOpenReceiveChannelAckStruct* orca)
+{
+	bool valid = true;
+	if (orca->endpointTcpPort > 65535)
+	{
+		valid = false;
+	}
+	return valid;
+}
diff --git a/orkaudio/audiocaptureplugins/voip/PacketHeaderDefs.h b/orkaudio/audiocaptureplugins/voip/PacketHeaderDefs.h
index d0e3768..57a9d8e 100644
--- a/orkaudio/audiocaptureplugins/voip/PacketHeaderDefs.h
+++ b/orkaudio/audiocaptureplugins/voip/PacketHeaderDefs.h
@@ -108,6 +108,9 @@ typedef struct
 	// and some more fields
 } SkStartMediaTransmissionStruct;
 
+bool SkinnyValidateStartMediaTransmission(SkStartMediaTransmissionStruct *);
+
+
 typedef struct
 {
 	SkinnyHeaderStruct header;
@@ -115,6 +118,7 @@ typedef struct
 	unsigned long passThruPartyId;
 } SkStopMediaTransmissionStruct;
 
+
 typedef struct
 {
 	SkinnyHeaderStruct header;
@@ -122,18 +126,25 @@ typedef struct
 	unsigned long passThruPartyId;
 } SkCloseReceiveChannelStruct;
 
+#define SKINNY_CALLING_PARTY_SIZE 24
+#define SKINNY_CALLED_PARTY_SIZE 24
+#define SKINNY_CALLING_PARTY_NAME_SIZE 40
+#define SKINNY_CALLED_PARTY_NAME_SIZE 40
 typedef struct
 {
 	SkinnyHeaderStruct header;
-	char callingPartyName[40];
-	char callingParty[24];
-	char calledPartyName[40];
-	char calledParty[24];
+	char callingPartyName[SKINNY_CALLING_PARTY_NAME_SIZE];
+	char callingParty[SKINNY_CALLING_PARTY_SIZE];
+	char calledPartyName[SKINNY_CALLED_PARTY_NAME_SIZE];
+	char calledParty[SKINNY_CALLED_PARTY_SIZE];
 	unsigned long lineInstance;
 	unsigned long callId;
 	unsigned long callType;
 } SkCallInfoStruct;
 
+bool SkinnyValidateCallInfo(SkCallInfoStruct *);
+
+
 typedef struct
 {
 	SkinnyHeaderStruct header;
@@ -153,6 +164,9 @@ typedef struct
 	unsigned long passThruPartyId;
 } SkOpenReceiveChannelAckStruct;
 
+bool SkinnyValidateOpenReceiveChannelAck(SkOpenReceiveChannelAckStruct *);
+
+
 #define SKINNY_CTRL_PORT 2000
 #define SKINNY_MIN_MESSAGE_SIZE 12
 #define SKINNY_HEADER_LENGTH 8
diff --git a/orkaudio/audiocaptureplugins/voip/VoIp.cpp b/orkaudio/audiocaptureplugins/voip/VoIp.cpp
index 039adb7..d7c1445 100644
--- a/orkaudio/audiocaptureplugins/voip/VoIp.cpp
+++ b/orkaudio/audiocaptureplugins/voip/VoIp.cpp
@@ -349,13 +349,21 @@ void HandleSkinnyMessage(SkinnyHeaderStruct* skinnyHeader, IpHeaderStruct* ipHea
 	{
 	case SkStartMediaTransmission:
 		startMedia = (SkStartMediaTransmissionStruct*)skinnyHeader;
-		if(s_skinnyPacketLog->isInfoEnabled())
+		if(SkinnyValidateStartMediaTransmission(startMedia))
 		{
-			char szRemoteIp[16];
-			ACE_OS::inet_ntop(AF_INET, (void*)&startMedia->remoteIpAddr, szRemoteIp, sizeof(szRemoteIp));
-			logMsg.Format(" CallId:%u PassThru:%u media address:%s,%u", startMedia->conferenceId, startMedia->passThruPartyId, szRemoteIp, startMedia->remoteTcpPort);
+			if(s_skinnyPacketLog->isInfoEnabled())
+			{
+				char szRemoteIp[16];
+				ACE_OS::inet_ntop(AF_INET, (void*)&startMedia->remoteIpAddr, szRemoteIp, sizeof(szRemoteIp));
+				logMsg.Format(" CallId:%u PassThru:%u media address:%s,%u", startMedia->conferenceId, startMedia->passThruPartyId, szRemoteIp, startMedia->remoteTcpPort);
+			}
+			RtpSessionsSingleton::instance()->ReportSkinnyStartMediaTransmission(startMedia, ipHeader);
+		}
+		else
+		{
+			useful = false;
+			LOG4CXX_WARN(s_skinnyPacketLog, "Invalid StartMediaTransmission.");
 		}
-		RtpSessionsSingleton::instance()->ReportSkinnyStartMediaTransmission(startMedia, ipHeader);
 		break;
 	case SkStopMediaTransmission:
 	case SkCloseReceiveChannel:
@@ -369,22 +377,38 @@ void HandleSkinnyMessage(SkinnyHeaderStruct* skinnyHeader, IpHeaderStruct* ipHea
 		break;
 	case SkCallInfoMessage:
 		callInfo = (SkCallInfoStruct*)skinnyHeader;
-		if(s_skinnyPacketLog->isInfoEnabled())
+		if(SkinnyValidateCallInfo(callInfo))
+		{
+			if(s_skinnyPacketLog->isInfoEnabled())
+			{
+				logMsg.Format(" CallId:%u calling:%s called:%s", callInfo->callId, callInfo->callingParty, callInfo->calledParty);
+			}
+			RtpSessionsSingleton::instance()->ReportSkinnyCallInfo(callInfo, ipHeader);
+		}
+		else
 		{
-			logMsg.Format(" CallId:%u calling:%s called:%s", callInfo->callId, callInfo->callingParty, callInfo->calledParty);
+			useful = false;
+			LOG4CXX_WARN(s_skinnyPacketLog, "Invalid CallInfoMessage.");
 		}
-		RtpSessionsSingleton::instance()->ReportSkinnyCallInfo(callInfo, ipHeader);
 		break;
 	case SkOpenReceiveChannelAck:
 		openReceiveAck = (SkOpenReceiveChannelAckStruct*)skinnyHeader;
-		if(s_skinnyPacketLog->isInfoEnabled())
+		if(SkinnyValidateOpenReceiveChannelAck(openReceiveAck))
+		{
+			if(s_skinnyPacketLog->isInfoEnabled())
+			{
+				char szMediaIp[16];
+				ACE_OS::inet_ntop(AF_INET, (void*)&openReceiveAck->endpointIpAddr, szMediaIp, sizeof(szMediaIp));
+				logMsg.Format(" PassThru:%u media address:%s,%u", openReceiveAck->passThruPartyId, szMediaIp, openReceiveAck->endpointTcpPort);
+			}
+			endpointIp = ipHeader->ip_src;	// this skinny message is phone -> CCM
+			RtpSessionsSingleton::instance()->ReportSkinnyOpenReceiveChannelAck(openReceiveAck);
+		}
+		else
 		{
-			char szMediaIp[16];
-			ACE_OS::inet_ntop(AF_INET, (void*)&openReceiveAck->endpointIpAddr, szMediaIp, sizeof(szMediaIp));
-			logMsg.Format(" PassThru:%u media address:%s,%u", openReceiveAck->passThruPartyId, szMediaIp, openReceiveAck->endpointTcpPort);
+			useful = false;
+			LOG4CXX_WARN(s_skinnyPacketLog, "Invalid OpenReceiveChannelAck.");
 		}
-		endpointIp = ipHeader->ip_src;	// this skinny message is phone -> CCM
-		RtpSessionsSingleton::instance()->ReportSkinnyOpenReceiveChannelAck(openReceiveAck);
 		break;
 	default:
 		useful = false;
@@ -404,7 +428,7 @@ void HandlePacket(u_char *param, const struct pcap_pkthdr *header, const u_char
 	IpHeaderStruct* ipHeader = (IpHeaderStruct*)((char*)ethernetHeader + sizeof(EthernetHeaderStruct));
 	if(ipHeader->ip_v != 4)	// sanity check, is it an IP packet v4
 	{
-		// If not, the IP packet might be wrapped into a 802.1Q VLAN (add 4 bytes)
+		// If not, the IP packet might be wrapped into a 802.1Q VLAN or MPLS header (add 4 bytes)
 		ipHeader = (IpHeaderStruct*)((u_char*)ipHeader+4);
 		if(ipHeader->ip_v != 4)
 		{
-- 
cgit v1.2.3