[asterisk-dev] SIP URI checking in chan_sip.c
Olle E. Johansson
oej at edvina.net
Tue Dec 1 05:32:19 CST 2009
1 dec 2009 kl. 09.23 skrev Kirill 'Big K' Katsnelson:
> On 091130 2245, Olle E. Johansson wrote:
>> What's you bug report # ?
>
> None. I mentioned previously that I cannot clearly decouple bugs
> that I observe. I could just have copied the whole report to a ticket,
> but I am trying to disentangle these. I am under a strong impression
> that the broken header *exposed* the second bug, not *caused* it.
>
>> We should reject it with an error message. I can't find out from your
>> mail what type of SIP message that causes this, but I'm eager to know
>> so that we can handle this with some speed.
>
> INVITE, with a space in both the From: and Contact: headers. I posted a
> long an detailed report here about 24 hours ago.
> http://lists.digium.com/pipermail/asterisk-dev/2009-November/041006.html
>
THanks for your detailed report. Please open a ticket and add the reference to the e-mail there.
Under no circumstances should we have hanging channels like this, regardless of URI.
It's hard to get all the syntax notes in the RFC, but it seems like the username part would allow a space if it's URI escaped, like %20. Not as a space though. Please don't take this as a reference, it's hard work finding out what the ABNF ends up with... :-)
For error codes, "400 bad request" indicates syntax errors and would propably be a good choice here.
/O
More information about the asterisk-dev
mailing list