Tree - rpms/opensips - src.fedoraproject.org

rpms / opensips

Overview Files Commits Branches Forks Releases

Monitoring status:

Bugzilla Assignee:

Fedora:: peter
EPEL:: peter

Files

Commit: 205726de8be92f9e8668e7ec03ea3d8fac43b25e

Blob Blame History Raw

From: Liviu Chircu <liviu@opensips.org>
Date: Fri, 25 May 2018 11:50:55 +0300
Subject: [PATCH] path: Fix buffer overflow with use_path_received + IPv6

Introduced in commit b3bf15646a

(cherry picked from commit 636a7420072b90c21bd3073b2c2bad6b375284ea)

diff --git a/lib/path.c b/lib/path.c
index e559664e5..7bea3db5b 100644
--- a/lib/path.c
+++ b/lib/path.c
@@ -102,7 +102,7 @@ static int build_path(struct sip_msg* _m, struct lump* l, struct lump* l2,
 		/* TODO: agranig: optimize this one! */
 		src_ip = ip_addr2a(&_m->rcv.src_ip);
 		rcv_addr.s = pkg_malloc(4 + IP_ADDR_MAX_STR_SIZE + 7 +
-			PATH_TRANS_PARAM_LEN + 4); /* sip:<ip>:<port>[;transport=xxxx]\0 */
+			PATH_ESC_TRANS_PARAM_LEN + 4); /* sip:<ip>:<port>(\0|[%3btransport%3dxxxx]) */
 		if(!rcv_addr.s) {
 			LM_ERR("no pkg memory left for receive-address\n");
 			goto out4;

rpms / opensips

Source Code

Files