[Asterisk-code-review] res_pjsip_nat.c: Create deep copies of strings when appropriate (asterisk[16])

Tue Dec 8 11:48:02 CST 2020

nappsoft has uploaded this change for review. ( https://gerrit.asterisk.org/c/asterisk/+/15209 )


Change subject: res_pjsip_nat.c: Create deep copies of strings when appropriate
......................................................................

res_pjsip_nat.c: Create deep copies of strings when appropriate

In rewrite_uri asterisk was not making deep copies of strings when
changing the uri. This was in some cases causing garbage in the route
header and in other cases even crashing asterisk when receiving a
message with a record-route header set. Thanks to Ralf Kubis for
pointing out why this happens. A similar problem was found in
res_pjsip_transport_websocket.c. Pjproject needs as well to be patched
to avoid garbage in CANCEL messages.

It was as well observed that (at least for incoming messages)
rewrite_uri is called twice, if a record-route header is set as the
record-route header is already part of the dialog's route_set. This was
causing crashes in some cases as well. So the patch also prevents
asterisk from calling rewrite_uri twice on incoming messages if a
record-route header is set.

ASTERISK-29024 #close

Change-Id: Ic5acd7fa2fbda3080f5f36ef12e46804939b198b
---
M res/res_pjsip_nat.c
M res/res_pjsip_transport_websocket.c
2 files changed, 6 insertions(+), 5 deletions(-)



  git pull ssh://gerrit.asterisk.org:29418/asterisk refs/changes/09/15209/1

diff --git a/res/res_pjsip_nat.c b/res/res_pjsip_nat.c
index 9dab32a..3172e78 100644
--- a/res/res_pjsip_nat.c
+++ b/res/res_pjsip_nat.c
@@ -73,7 +73,7 @@
 		save_orig_contact_host(rdata, uri);
 	}
 
-	pj_cstr(&uri->host, rdata->pkt_info.src_name);
+	pj_strdup2(rdata->tp_info.pool, &uri->host, rdata->pkt_info.src_name);
 	uri->port = rdata->pkt_info.src_port;
 	if (!strcasecmp("WSS", rdata->tp_info.transport->type_name)) {
 		/* WSS is special, we don't want to overwrite the URI at all as it needs to be ws */
@@ -129,9 +129,7 @@
 				break;
 			}
 		}
-	} else if (pjsip_method_cmp(&rdata->msg_info.msg->line.req.method, &pjsip_register_method)) {
-		rr = pjsip_msg_find_hdr(rdata->msg_info.msg, PJSIP_H_RECORD_ROUTE, NULL);
-	} else {
+	} else if (!pjsip_method_cmp(&rdata->msg_info.msg->line.req.method, &pjsip_register_method)) {
 		/**
 		 * Record-Route header has no meaning in REGISTER requests
 		 * and should be ignored
@@ -147,6 +145,9 @@
 		 * hope for the best
 		 */
 		pubsub = 1;
+		if (rdata->msg_info.msg->type != PJSIP_RESPONSE_MSG) {
+			rr = pjsip_msg_find_hdr(rdata->msg_info.msg, PJSIP_H_RECORD_ROUTE, NULL);
+		}
 	}
 
 	if (rr) {
diff --git a/res/res_pjsip_transport_websocket.c b/res/res_pjsip_transport_websocket.c
index 4f47a8c..1b882da 100644
--- a/res/res_pjsip_transport_websocket.c
+++ b/res/res_pjsip_transport_websocket.c
@@ -454,7 +454,7 @@
 				pj_strbuf(txp_str));
 		}
 
-		pj_cstr(&uri->host, rdata->pkt_info.src_name);
+		pj_strdup2(rdata->tp_info.pool, &uri->host, rdata->pkt_info.src_name);
 		uri->port = rdata->pkt_info.src_port;
 		pj_strdup(rdata->tp_info.pool, &uri->transport_param, txp_str);
 	}

-- 
To view, visit https://gerrit.asterisk.org/c/asterisk/+/15209
To unsubscribe, or for help writing mail filters, visit https://gerrit.asterisk.org/settings

Gerrit-Project: asterisk
Gerrit-Branch: 16
Gerrit-Change-Id: Ic5acd7fa2fbda3080f5f36ef12e46804939b198b
Gerrit-Change-Number: 15209
Gerrit-PatchSet: 1
Gerrit-Owner: nappsoft <infos at nappsoft.ch>
Gerrit-MessageType: newchange
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-code-review/attachments/20201208/1483a4f4/attachment-0001.html>
