<p>Sean Bright has uploaded this change for <strong>review</strong>.</p><p><a href="https://gerrit.asterisk.org/c/asterisk/+/17803">View Change</a></p><pre style="font-family: monospace,monospace; white-space: pre-wrap;">pjproject: Fix incorrect unescaping of tokens during parsing<br><br>ASTERISK-29664 #close<br><br>Change-Id: I29dcde52e9faeaf2609c604eada61c6a9e49d8f5<br>---<br>A third-party/pjproject/patches/0140-Fix-incorrect-unescaping-of-tokens-during-parsing-29.patch<br>1 file changed, 123 insertions(+), 0 deletions(-)<br><br></pre><pre style="font-family: monospace,monospace; white-space: pre-wrap;">git pull ssh://gerrit.asterisk.org:29418/asterisk refs/changes/03/17803/1</pre><pre style="font-family: monospace,monospace; white-space: pre-wrap;"><span>diff --git a/third-party/pjproject/patches/0140-Fix-incorrect-unescaping-of-tokens-during-parsing-29.patch b/third-party/pjproject/patches/0140-Fix-incorrect-unescaping-of-tokens-during-parsing-29.patch</span><br><span>new file mode 100644</span><br><span>index 0000000..22df638</span><br><span>--- /dev/null</span><br><span>+++ b/third-party/pjproject/patches/0140-Fix-incorrect-unescaping-of-tokens-during-parsing-29.patch</span><br><span>@@ -0,0 +1,123 @@</span><br><span style="color: hsl(120, 100%, 40%);">+From 3faf1d2b4da553bbaee04f9a13a5d084b381e5fb Mon Sep 17 00:00:00 2001</span><br><span style="color: hsl(120, 100%, 40%);">+From: sauwming <ming@teluu.com></span><br><span style="color: hsl(120, 100%, 40%);">+Date: Tue, 4 Jan 2022 15:28:49 +0800</span><br><span style="color: hsl(120, 100%, 40%);">+Subject: [PATCH] Fix incorrect unescaping of tokens during parsing (#2933)</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span style="color: hsl(120, 100%, 40%);">+---</span><br><span style="color: hsl(120, 100%, 40%);">+ pjsip/src/pjsip/sip_parser.c | 29 +++++++++++++++++++++++++----</span><br><span style="color: hsl(120, 100%, 40%);">+ pjsip/src/test/msg_test.c | 6 +++---</span><br><span style="color: hsl(120, 100%, 40%);">+ 2 files changed, 28 insertions(+), 7 deletions(-)</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span style="color: hsl(120, 100%, 40%);">+diff --git a/pjsip/src/pjsip/sip_parser.c b/pjsip/src/pjsip/sip_parser.c</span><br><span style="color: hsl(120, 100%, 40%);">+index c2add3299..b9a7c6a5c 100644</span><br><span style="color: hsl(120, 100%, 40%);">+--- a/pjsip/src/pjsip/sip_parser.c</span><br><span>++++ b/pjsip/src/pjsip/sip_parser.c</span><br><span style="color: hsl(120, 100%, 40%);">+@@ -378,17 +378,23 @@ static pj_status_t init_parser()</span><br><span style="color: hsl(120, 100%, 40%);">+ PJ_ASSERT_RETURN(status == PJ_SUCCESS, status);</span><br><span style="color: hsl(120, 100%, 40%);">+ pj_cis_add_str( &pconst.pjsip_TOKEN_SPEC, TOKEN);</span><br><span style="color: hsl(120, 100%, 40%);">+ </span><br><span style="color: hsl(120, 100%, 40%);">++ /* Token is allowed to have '%' so we do not need this. */</span><br><span style="color: hsl(120, 100%, 40%);">++ /*</span><br><span style="color: hsl(120, 100%, 40%);">+ status = pj_cis_dup(&pconst.pjsip_TOKEN_SPEC_ESC, &pconst.pjsip_TOKEN_SPEC);</span><br><span style="color: hsl(120, 100%, 40%);">+ PJ_ASSERT_RETURN(status == PJ_SUCCESS, status);</span><br><span style="color: hsl(120, 100%, 40%);">+ pj_cis_del_str(&pconst.pjsip_TOKEN_SPEC_ESC, "%");</span><br><span style="color: hsl(120, 100%, 40%);">++ */</span><br><span style="color: hsl(120, 100%, 40%);">+ </span><br><span style="color: hsl(120, 100%, 40%);">+ status = pj_cis_dup(&pconst.pjsip_VIA_PARAM_SPEC, &pconst.pjsip_TOKEN_SPEC);</span><br><span style="color: hsl(120, 100%, 40%);">+ PJ_ASSERT_RETURN(status == PJ_SUCCESS, status);</span><br><span style="color: hsl(120, 100%, 40%);">+ pj_cis_add_str(&pconst.pjsip_VIA_PARAM_SPEC, "[:]");</span><br><span style="color: hsl(120, 100%, 40%);">+ </span><br><span style="color: hsl(120, 100%, 40%);">++ /* Token is allowed to have '%' */</span><br><span style="color: hsl(120, 100%, 40%);">++ /*</span><br><span style="color: hsl(120, 100%, 40%);">+ status = pj_cis_dup(&pconst.pjsip_VIA_PARAM_SPEC_ESC, &pconst.pjsip_TOKEN_SPEC_ESC);</span><br><span style="color: hsl(120, 100%, 40%);">+ PJ_ASSERT_RETURN(status == PJ_SUCCESS, status);</span><br><span style="color: hsl(120, 100%, 40%);">+ pj_cis_add_str(&pconst.pjsip_VIA_PARAM_SPEC_ESC, "[:]");</span><br><span style="color: hsl(120, 100%, 40%);">++ */</span><br><span style="color: hsl(120, 100%, 40%);">+ </span><br><span style="color: hsl(120, 100%, 40%);">+ status = pj_cis_dup(&pconst.pjsip_HOST_SPEC, &pconst.pjsip_ALNUM_SPEC);</span><br><span style="color: hsl(120, 100%, 40%);">+ PJ_ASSERT_RETURN(status == PJ_SUCCESS, status);</span><br><span style="color: hsl(120, 100%, 40%);">+@@ -1210,7 +1216,11 @@ static void parse_param_imp( pj_scanner *scanner, pj_pool_t *pool,</span><br><span style="color: hsl(120, 100%, 40%);">+ unsigned option)</span><br><span style="color: hsl(120, 100%, 40%);">+ {</span><br><span style="color: hsl(120, 100%, 40%);">+ /* pname */</span><br><span style="color: hsl(120, 100%, 40%);">+- parser_get_and_unescape(scanner, pool, spec, esc_spec, pname);</span><br><span style="color: hsl(120, 100%, 40%);">++ if (!esc_spec) {</span><br><span style="color: hsl(120, 100%, 40%);">++ pj_scan_get(scanner, spec, pname);</span><br><span style="color: hsl(120, 100%, 40%);">++ } else {</span><br><span style="color: hsl(120, 100%, 40%);">++ parser_get_and_unescape(scanner, pool, spec, esc_spec, pname);</span><br><span style="color: hsl(120, 100%, 40%);">++ }</span><br><span style="color: hsl(120, 100%, 40%);">+ </span><br><span style="color: hsl(120, 100%, 40%);">+ /* init pvalue */</span><br><span style="color: hsl(120, 100%, 40%);">+ pvalue->ptr = NULL;</span><br><span style="color: hsl(120, 100%, 40%);">+@@ -1240,7 +1250,12 @@ static void parse_param_imp( pj_scanner *scanner, pj_pool_t *pool,</span><br><span style="color: hsl(120, 100%, 40%);">+ // pj_scan_get_until_ch(scanner, ']', pvalue);</span><br><span style="color: hsl(120, 100%, 40%);">+ // pj_scan_get_char(scanner);</span><br><span style="color: hsl(120, 100%, 40%);">+ } else if(pj_cis_match(spec, *scanner->curptr)) {</span><br><span style="color: hsl(120, 100%, 40%);">+- parser_get_and_unescape(scanner, pool, spec, esc_spec, pvalue);</span><br><span style="color: hsl(120, 100%, 40%);">++ if (!esc_spec) {</span><br><span style="color: hsl(120, 100%, 40%);">++ pj_scan_get(scanner, spec, pvalue);</span><br><span style="color: hsl(120, 100%, 40%);">++ } else {</span><br><span style="color: hsl(120, 100%, 40%);">++ parser_get_and_unescape(scanner, pool, spec, esc_spec,</span><br><span style="color: hsl(120, 100%, 40%);">++ pvalue);</span><br><span style="color: hsl(120, 100%, 40%);">++ }</span><br><span style="color: hsl(120, 100%, 40%);">+ }</span><br><span style="color: hsl(120, 100%, 40%);">+ }</span><br><span style="color: hsl(120, 100%, 40%);">+ }</span><br><span style="color: hsl(120, 100%, 40%);">+@@ -1252,7 +1267,10 @@ PJ_DEF(void) pjsip_parse_param_imp(pj_scanner *scanner, pj_pool_t *pool,</span><br><span style="color: hsl(120, 100%, 40%);">+ unsigned option)</span><br><span style="color: hsl(120, 100%, 40%);">+ {</span><br><span style="color: hsl(120, 100%, 40%);">+ parse_param_imp(scanner, pool, pname, pvalue, &pconst.pjsip_TOKEN_SPEC,</span><br><span style="color: hsl(120, 100%, 40%);">+- &pconst.pjsip_TOKEN_SPEC_ESC, option);</span><br><span style="color: hsl(120, 100%, 40%);">++ // Token does not need to be unescaped.</span><br><span style="color: hsl(120, 100%, 40%);">++ // Refer to PR #2933.</span><br><span style="color: hsl(120, 100%, 40%);">++ // &pconst.pjsip_TOKEN_SPEC_ESC,</span><br><span style="color: hsl(120, 100%, 40%);">++ NULL, option);</span><br><span style="color: hsl(120, 100%, 40%);">+ }</span><br><span style="color: hsl(120, 100%, 40%);">+ </span><br><span style="color: hsl(120, 100%, 40%);">+ </span><br><span style="color: hsl(120, 100%, 40%);">+@@ -2168,7 +2186,10 @@ static void int_parse_via_param( pjsip_via_hdr *hdr, pj_scanner *scanner,</span><br><span style="color: hsl(120, 100%, 40%);">+ pj_scan_get_char(scanner);</span><br><span style="color: hsl(120, 100%, 40%);">+ parse_param_imp(scanner, pool, &pname, &pvalue,</span><br><span style="color: hsl(120, 100%, 40%);">+ &pconst.pjsip_VIA_PARAM_SPEC,</span><br><span style="color: hsl(120, 100%, 40%);">+- &pconst.pjsip_VIA_PARAM_SPEC_ESC,</span><br><span style="color: hsl(120, 100%, 40%);">++ // Token does not need to be unescaped.</span><br><span style="color: hsl(120, 100%, 40%);">++ // Refer to PR #2933.</span><br><span style="color: hsl(120, 100%, 40%);">++ // &pconst.pjsip_VIA_PARAM_SPEC_ESC,</span><br><span style="color: hsl(120, 100%, 40%);">++ NULL,</span><br><span style="color: hsl(120, 100%, 40%);">+ 0);</span><br><span style="color: hsl(120, 100%, 40%);">+ </span><br><span style="color: hsl(120, 100%, 40%);">+ if (!parser_stricmp(pname, pconst.pjsip_BRANCH_STR) && pvalue.slen) {</span><br><span style="color: hsl(120, 100%, 40%);">+diff --git a/pjsip/src/test/msg_test.c b/pjsip/src/test/msg_test.c</span><br><span style="color: hsl(120, 100%, 40%);">+index c511e1cf6..24e3d405d 100644</span><br><span style="color: hsl(120, 100%, 40%);">+--- a/pjsip/src/test/msg_test.c</span><br><span>++++ b/pjsip/src/test/msg_test.c</span><br><span style="color: hsl(120, 100%, 40%);">+@@ -953,7 +953,7 @@ static int hdr_test_subject_utf(pjsip_hdr *h);</span><br><span style="color: hsl(120, 100%, 40%);">+ </span><br><span style="color: hsl(120, 100%, 40%);">+ </span><br><span style="color: hsl(120, 100%, 40%);">+ #define GENERIC_PARAM "p0=a;p1=\"ab:;cd\";p2=ab%3acd;p3"</span><br><span style="color: hsl(120, 100%, 40%);">+-#define GENERIC_PARAM_PARSED "p0=a;p1=\"ab:;cd\";p2=ab:cd;p3"</span><br><span style="color: hsl(120, 100%, 40%);">++#define GENERIC_PARAM_PARSED "p0=a;p1=\"ab:;cd\";p2=ab%3acd;p3"</span><br><span style="color: hsl(120, 100%, 40%);">+ #define PARAM_CHAR "][/:&+$"</span><br><span style="color: hsl(120, 100%, 40%);">+ #define SIMPLE_ADDR_SPEC "sip:host"</span><br><span style="color: hsl(120, 100%, 40%);">+ #define ADDR_SPEC SIMPLE_ADDR_SPEC ";"PARAM_CHAR"="PARAM_CHAR ";p1=\";\""</span><br><span style="color: hsl(120, 100%, 40%);">+@@ -1401,7 +1401,7 @@ static int generic_param_test(pjsip_param *param_head)</span><br><span style="color: hsl(120, 100%, 40%);">+ param = param->next;</span><br><span style="color: hsl(120, 100%, 40%);">+ if (pj_strcmp2(¶m->name, "p2"))</span><br><span style="color: hsl(120, 100%, 40%);">+ return -956;</span><br><span style="color: hsl(120, 100%, 40%);">+- if (pj_strcmp2(¶m->value, "ab:cd"))</span><br><span style="color: hsl(120, 100%, 40%);">++ if (pj_strcmp2(¶m->value, "ab%3acd"))</span><br><span style="color: hsl(120, 100%, 40%);">+ return -957;</span><br><span style="color: hsl(120, 100%, 40%);">+ </span><br><span style="color: hsl(120, 100%, 40%);">+ param = param->next;</span><br><span style="color: hsl(120, 100%, 40%);">+@@ -1621,7 +1621,7 @@ static int hdr_test_content_type(pjsip_hdr *h)</span><br><span style="color: hsl(120, 100%, 40%);">+ prm = prm->next;</span><br><span style="color: hsl(120, 100%, 40%);">+ if (prm == &hdr->media.param) return -1960;</span><br><span style="color: hsl(120, 100%, 40%);">+ if (pj_strcmp2(&prm->name, "p2")) return -1961;</span><br><span style="color: hsl(120, 100%, 40%);">+- if (pj_strcmp2(&prm->value, "ab:cd")) return -1962;</span><br><span style="color: hsl(120, 100%, 40%);">++ if (pj_strcmp2(&prm->value, "ab%3acd")) return -1962;</span><br><span style="color: hsl(120, 100%, 40%);">+ </span><br><span style="color: hsl(120, 100%, 40%);">+ prm = prm->next;</span><br><span style="color: hsl(120, 100%, 40%);">+ if (prm == &hdr->media.param) return -1970;</span><br><span style="color: hsl(120, 100%, 40%);">+-- </span><br><span style="color: hsl(120, 100%, 40%);">+2.32.0</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span></span><br></pre><p>To view, visit <a href="https://gerrit.asterisk.org/c/asterisk/+/17803">change 17803</a>. To unsubscribe, or for help writing mail filters, visit <a href="https://gerrit.asterisk.org/settings">settings</a>.</p><div itemscope itemtype="http://schema.org/EmailMessage"><div itemscope itemprop="action" itemtype="http://schema.org/ViewAction"><link itemprop="url" href="https://gerrit.asterisk.org/c/asterisk/+/17803"/><meta itemprop="name" content="View Change"/></div></div>
<div style="display:none"> Gerrit-Project: asterisk </div>
<div style="display:none"> Gerrit-Branch: 18 </div>
<div style="display:none"> Gerrit-Change-Id: I29dcde52e9faeaf2609c604eada61c6a9e49d8f5 </div>
<div style="display:none"> Gerrit-Change-Number: 17803 </div>
<div style="display:none"> Gerrit-PatchSet: 1 </div>
<div style="display:none"> Gerrit-Owner: Sean Bright <sean@seanbright.com> </div>
<div style="display:none"> Gerrit-MessageType: newchange </div>