[Asterisk-code-review] pjproject bundled: Disable PJSIP UNESCAPE IN PLACE (asterisk[master])

Joshua Colp asteriskteam at digium.com
Fri Apr 29 14:57:19 CDT 2016


Joshua Colp has submitted this change and it was merged.

Change subject: pjproject_bundled:  Disable PJSIP_UNESCAPE_IN_PLACE
......................................................................


pjproject_bundled:  Disable PJSIP_UNESCAPE_IN_PLACE

When pjsip_parse_uri is called with PJSIP_UNESCAPE_IN_PLACE enabled,
the input uri string will become corrupted if it contains escape sequences.
It's not possible to automatically strdup or strdupa the input string because
the output uri pj_str_t's will have pointers to chunks of the input string.
Getting around this would require more memory management code and wouldn't
be worth the savings of doing the unescape in place.

ASTERISK-25970 #close
Reported-by: Dmitriy Serov

Change-Id: I28dc0e599b5108f7959b9c46dc8278371b372f88
---
M third-party/pjproject/patches/config_site.h
1 file changed, 5 insertions(+), 1 deletion(-)

Approvals:
  Mark Michelson: Looks good to me, approved
  Joshua Colp: Looks good to me, but someone else must approve; Verified



diff --git a/third-party/pjproject/patches/config_site.h b/third-party/pjproject/patches/config_site.h
index 840d8b2..8e854b7 100644
--- a/third-party/pjproject/patches/config_site.h
+++ b/third-party/pjproject/patches/config_site.h
@@ -28,7 +28,11 @@
 #define PJSIP_SAFE_MODULE		0
 #define PJ_HAS_STRICMP_ALNUM		0
 #define PJ_HASH_USE_OWN_TOLOWER		1
-#define PJSIP_UNESCAPE_IN_PLACE		1
+/*
+  It is imperative that PJSIP_UNESCAPE_IN_PLACE remain 0 or undefined.
+  Enabling it will result in SEGFAULTS when URIs containing escape sequences are encountered.
+*/
+#undef PJSIP_UNESCAPE_IN_PLACE
 #define PJSIP_MAX_PKT_LEN			6000
 
 #undef PJ_TODO

-- 
To view, visit https://gerrit.asterisk.org/2725
To unsubscribe, visit https://gerrit.asterisk.org/settings

Gerrit-MessageType: merged
Gerrit-Change-Id: I28dc0e599b5108f7959b9c46dc8278371b372f88
Gerrit-PatchSet: 1
Gerrit-Project: asterisk
Gerrit-Branch: master
Gerrit-Owner: George Joseph <gjoseph at digium.com>
Gerrit-Reviewer: Anonymous Coward #1000019
Gerrit-Reviewer: Joshua Colp <jcolp at digium.com>
Gerrit-Reviewer: Mark Michelson <mmichelson at digium.com>



More information about the asterisk-code-review mailing list