[Asterisk-code-review] res_pjsip_registrar: Validate Contact URI before adding to responses (...asterisk[16])

Joshua Colp asteriskteam at digium.com
Thu Sep 26 04:49:40 CDT 2019


Joshua Colp has submitted this change and it was merged. ( https://gerrit.asterisk.org/c/asterisk/+/12955 )

Change subject: res_pjsip_registrar: Validate Contact URI before adding to responses
......................................................................

res_pjsip_registrar: Validate Contact URI before adding to responses

If a permanent contact URI associated with an AOR is invalid, we add a
Contact header to REGISTER responses with a NULL URI, causing a crash.

ASTERISK-28463 #close

Change-Id: Id2b643e58b975bc560aab1c111e6669d54db9102
---
M res/res_pjsip_registrar.c
1 file changed, 11 insertions(+), 4 deletions(-)

Approvals:
  George Joseph: Looks good to me, but someone else must approve
  Joshua Colp: Looks good to me, approved; Approved for Submit



diff --git a/res/res_pjsip_registrar.c b/res/res_pjsip_registrar.c
index 2848d5a..a17c06a 100644
--- a/res/res_pjsip_registrar.c
+++ b/res/res_pjsip_registrar.c
@@ -224,14 +224,21 @@
 {
 	struct ast_sip_contact *contact = obj;
 	pjsip_tx_data *tdata = arg;
-	pjsip_contact_hdr *hdr = pjsip_contact_hdr_create(tdata->pool);
 	pj_str_t uri;
+	pjsip_uri *parsed;
 
 	pj_strdup2_with_null(tdata->pool, &uri, contact->uri);
-	hdr->uri = pjsip_parse_uri(tdata->pool, uri.ptr, uri.slen, PJSIP_PARSE_URI_AS_NAMEADDR);
-	hdr->expires = ast_tvdiff_ms(contact->expiration_time, ast_tvnow()) / 1000;
+	parsed = pjsip_parse_uri(tdata->pool, uri.ptr, uri.slen, PJSIP_PARSE_URI_AS_NAMEADDR);
 
-	pjsip_msg_add_hdr(tdata->msg, (pjsip_hdr*)hdr);
+	if (parsed && (PJSIP_URI_SCHEME_IS_SIP(parsed) || PJSIP_URI_SCHEME_IS_SIPS(parsed))) {
+		pjsip_contact_hdr *hdr = pjsip_contact_hdr_create(tdata->pool);
+		hdr->uri = parsed;
+		hdr->expires = ast_tvdiff_ms(contact->expiration_time, ast_tvnow()) / 1000;
+		pjsip_msg_add_hdr(tdata->msg, (pjsip_hdr *) hdr);
+	} else {
+		ast_log(LOG_WARNING, "Skipping invalid Contact URI \"%.*s\" for AOR %s\n",
+			(int) uri.slen, uri.ptr, contact->aor);
+	}
 
 	return 0;
 }

-- 
To view, visit https://gerrit.asterisk.org/c/asterisk/+/12955
To unsubscribe, or for help writing mail filters, visit https://gerrit.asterisk.org/settings

Gerrit-Project: asterisk
Gerrit-Branch: 16
Gerrit-Change-Id: Id2b643e58b975bc560aab1c111e6669d54db9102
Gerrit-Change-Number: 12955
Gerrit-PatchSet: 2
Gerrit-Owner: Sean Bright <sean.bright at gmail.com>
Gerrit-Reviewer: Friendly Automation
Gerrit-Reviewer: George Joseph <gjoseph at digium.com>
Gerrit-Reviewer: Joshua Colp <jcolp at digium.com>
Gerrit-MessageType: merged
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-code-review/attachments/20190926/6627e2a5/attachment-0001.html>


More information about the asterisk-code-review mailing list