[Asterisk-code-review] pjsip: restrict function PJSIP_PARSE_URI to parse only SIP/SIPS URIs (...asterisk[16])

Alexei Gradinari asteriskteam at digium.com
Mon Mar 25 18:16:46 CDT 2019 

Alexei Gradinari has uploaded this change for review. ( https://gerrit.asterisk.org/c/asterisk/+/11177


Change subject: pjsip: restrict function PJSIP_PARSE_URI to parse only SIP/SIPS URIs
......................................................................

pjsip: restrict function PJSIP_PARSE_URI to parse only SIP/SIPS URIs

The next usage of PJSIP_PARSE_URI will crash asterisk
${PJSIP_PARSE_URI(tel:+1234567890,host)}
or
${PJSIP_PARSE_URI(192.168.1.1:5060,host)}

The function pjsip_parse_uri successfully parses then, but returns
struct pjsip_other_uri *.

This patch restricts parsing only SIP/SIPS URIs.

Change-Id: I16f255c2b86a80a67e9f9604b94b129a381dd25e
---
M channels/pjsip/dialplan_functions.c
1 file changed, 1 insertion(+), 1 deletion(-)



  git pull ssh://gerrit.asterisk.org:29418/asterisk refs/changes/77/11177/1

diff --git a/channels/pjsip/dialplan_functions.c b/channels/pjsip/dialplan_functions.c
index 70507bb..2081bad 100644
--- a/channels/pjsip/dialplan_functions.c
+++ b/channels/pjsip/dialplan_functions.c
@@ -1124,7 +1124,7 @@
 
 	pj_strdup2_with_null(pool, &tmp, args->uri);
 	uri = (pjsip_name_addr *)pjsip_parse_uri(pool, tmp.ptr, tmp.slen, PJSIP_PARSE_URI_AS_NAMEADDR);
-	if (!uri) {
+	if (!uri || (!PJSIP_URI_SCHEME_IS_SIP(uri) && !PJSIP_URI_SCHEME_IS_SIPS(uri))) {
 		ast_log(LOG_WARNING, "Failed to parse URI '%s'\n", args->uri);
 		pjsip_endpt_release_pool(ast_sip_get_pjsip_endpoint(), pool);
 		args->ret = -1;

-- 
To view, visit https://gerrit.asterisk.org/c/asterisk/+/11177
To unsubscribe, or for help writing mail filters, visit https://gerrit.asterisk.org/settings

Gerrit-Project: asterisk
Gerrit-Branch: 16
Gerrit-Change-Id: I16f255c2b86a80a67e9f9604b94b129a381dd25e
Gerrit-Change-Number: 11177
Gerrit-PatchSet: 1
Gerrit-Owner: Alexei Gradinari <alex2grad at gmail.com>
Gerrit-MessageType: newchange
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-code-review/attachments/20190325/b14388e9/attachment.html>

More information about the asterisk-code-review mailing list