[Asterisk-code-review] pjsip: restrict function PJSIP_PARSE_URI to parse only SIP/SIPS URIs (...asterisk[master])

George Joseph asteriskteam at digium.com
Thu Mar 28 08:04:51 CDT 2019 

George Joseph has submitted this change and it was merged. ( https://gerrit.asterisk.org/c/asterisk/+/11191 )

Change subject: pjsip: restrict function PJSIP_PARSE_URI to parse only SIP/SIPS URIs
......................................................................

pjsip: restrict function PJSIP_PARSE_URI to parse only SIP/SIPS URIs

The next usage of PJSIP_PARSE_URI will crash asterisk
${PJSIP_PARSE_URI(tel:+1234567890,host)}
or
${PJSIP_PARSE_URI(192.168.1.1:5060,host)}

The function pjsip_parse_uri successfully parses then, but returns
struct pjsip_other_uri *.

This patch restricts parsing only SIP/SIPS URIs.

Change-Id: I16f255c2b86a80a67e9f9604b94b129a381dd25e
---
M channels/pjsip/dialplan_functions.c
1 file changed, 1 insertion(+), 1 deletion(-)

Approvals:
  Kevin Harwell: Looks good to me, approved
  George Joseph: Approved for Submit



diff --git a/channels/pjsip/dialplan_functions.c b/channels/pjsip/dialplan_functions.c
index 70507bb..2081bad 100644
--- a/channels/pjsip/dialplan_functions.c
+++ b/channels/pjsip/dialplan_functions.c
@@ -1124,7 +1124,7 @@
 
 	pj_strdup2_with_null(pool, &tmp, args->uri);
 	uri = (pjsip_name_addr *)pjsip_parse_uri(pool, tmp.ptr, tmp.slen, PJSIP_PARSE_URI_AS_NAMEADDR);
-	if (!uri) {
+	if (!uri || (!PJSIP_URI_SCHEME_IS_SIP(uri) && !PJSIP_URI_SCHEME_IS_SIPS(uri))) {
 		ast_log(LOG_WARNING, "Failed to parse URI '%s'\n", args->uri);
 		pjsip_endpt_release_pool(ast_sip_get_pjsip_endpoint(), pool);
 		args->ret = -1;

-- 
To view, visit https://gerrit.asterisk.org/c/asterisk/+/11191
To unsubscribe, or for help writing mail filters, visit https://gerrit.asterisk.org/settings

Gerrit-Project: asterisk
Gerrit-Branch: master
Gerrit-Change-Id: I16f255c2b86a80a67e9f9604b94b129a381dd25e
Gerrit-Change-Number: 11191
Gerrit-PatchSet: 1
Gerrit-Owner: Alexei Gradinari <alex2grad at gmail.com>
Gerrit-Reviewer: Friendly Automation
Gerrit-Reviewer: George Joseph <gjoseph at digium.com>
Gerrit-Reviewer: Kevin Harwell <kharwell at digium.com>
Gerrit-MessageType: merged
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-code-review/attachments/20190328/9b6193cc/attachment.html>

More information about the asterisk-code-review mailing list