[asterisk-commits] mmichelson: branch 1.4 r149130 - /branches/1.4/channels/chan_sip.c
SVN commits to the Asterisk project
asterisk-commits at lists.digium.com
Tue Oct 14 15:49:02 CDT 2008
Author: mmichelson
Date: Tue Oct 14 15:49:02 2008
New Revision: 149130
URL: http://svn.digium.com/view/asterisk?view=rev&rev=149130
Log:
Don't allow reserved characters to be used in register
lines in sip.conf.
(closes issue #13570)
Reported by: putnopvut
Modified:
branches/1.4/channels/chan_sip.c
Modified: branches/1.4/channels/chan_sip.c
URL: http://svn.digium.com/view/asterisk/branches/1.4/channels/chan_sip.c?view=diff&rev=149130&r1=149129&r2=149130
==============================================================================
--- branches/1.4/channels/chan_sip.c (original)
+++ branches/1.4/channels/chan_sip.c Tue Oct 14 15:49:02 2008
@@ -166,6 +166,8 @@
#ifndef IPTOS_MINCOST
#define IPTOS_MINCOST 0x02
#endif
+
+#define SIP_RESERVED ";/?:@&=+$,# "
/* #define VOCAL_DATA_HACK */
@@ -4724,9 +4726,11 @@
struct sip_registry *reg;
int portnum = 0;
char username[256] = "";
+ char *user;
char *hostname=NULL, *secret=NULL, *authuser=NULL;
char *porta=NULL;
char *contact=NULL;
+ char *reserved = NULL;
if (!value)
return -1;
@@ -4746,6 +4750,16 @@
authuser = strchr(secret, ':');
if (authuser)
*authuser++ = '\0';
+ }
+ user = username;
+ if ((reserved = strpbrk(user, SIP_RESERVED))) {
+ goto invalid_char;
+ }
+ if (!ast_strlen_zero(secret) && (reserved = strpbrk(secret, SIP_RESERVED))) {
+ goto invalid_char;
+ }
+ if (!ast_strlen_zero(authuser) && (reserved = strpbrk(authuser, SIP_RESERVED))) {
+ goto invalid_char;
}
/* split host[:port][/contact] */
contact = strchr(hostname, '/');
@@ -4761,6 +4775,9 @@
ast_log(LOG_WARNING, "%s is not a valid port number at line %d\n", porta, lineno);
return -1;
}
+ }
+ if ((reserved = strpbrk(hostname, SIP_RESERVED))) {
+ goto invalid_char;
}
if (!(reg = ast_calloc(1, sizeof(*reg)))) {
ast_log(LOG_ERROR, "Out of memory. Can't allocate SIP registry entry\n");
@@ -4793,6 +4810,10 @@
ASTOBJ_CONTAINER_LINK(®l, reg); /* Add the new registry entry to the list */
ASTOBJ_UNREF(reg,sip_registry_destroy);
return 0;
+
+invalid_char:
+ ast_log(LOG_WARNING, "A reserved character ('%c') was used in a \"register\" line. This registration will not occur\n", *reserved);
+ return -1;
}
/*! \brief Parse multiline SIP headers into one header
More information about the asterisk-commits
mailing list