Asterisk
/
asterisk
mirror of https://github.com/asterisk/asterisk
1
0
Fork 0
Code Issues Releases Wiki Activity

chan_sip: Do not allow non-SP/HTAB between header key and colon.

Browse Source 
RFC says SIP headers look like:

    HCOLON  =  *( SP / HTAB ) ":" SWS
    SWS     =  [LWS]                    ; sep whitespace
    LWS     =  [*WSP CRLF] 1*WSP        ; linear whitespace
    WSP     =  SP / HTAB                ; from rfc2234

chan_sip implemented this:

    HCOLON  =  *( LOWCTL / SP ) ":" SWS
    LOWCTL  = %x00-1F                   ; CTL without DEL

This discrepancy meant that SIP proxies in front of Asterisk with
chan_sip could pass on unknown headers with \x00-\x1F in them, which
would be treated by Asterisk as a different (known) header.  For
example, the "To\x01:" header would gladly be forwarded by some proxies
as irrelevant, but chan_sip would treat it as the relevant "To:" header.

Those relying on a SIP proxy to scrub certain headers could mistakenly
get unexpected and unvalidated data fed to Asterisk.

This change fixes so chan_sip only considers SP/HTAB as valid tokens
before the colon, making it agree on the headers with other speakers of
SIP.

ASTERISK-26433 #close
AST-2016-009

Change-Id: I78086fbc524ac733b8f7f78cb423c91075fd489b
changes/84/4584/1
Walter Doekes 9 years ago committed by Mark Michelson
parent 016d20ce12
commit 4fece22836
1 changed files with 3 additions and 5 deletions
Show Stats Download Patch File Download Diff File

8
channels/chan_sip.c
Unescape View File

@ -8435,8 +8435,6 @@ static const char *__get_header(const struct sip_request *req, const char *name,
* one afterwards. If you shouldn't do it, what absolute idiot decided it was
* a good idea to say you can do it, and if you can do it, why in the hell would.
* you say you shouldn't.
* Anyways, pedanticsipchecking controls whether we allow spaces before ':',
* and we always allow spaces after that for compatibility.
*/
const char *sname = find_alias(name, NULL);
int x, len = strlen(name), slen = (sname ? 1 : 0);
@ -8449,10 +8447,10 @@ static const char *__get_header(const struct sip_request *req, const char *name,
if (match || smatch) {
/* skip name */
const char *r = header + (match ? len : slen );
if (sip_cfg.pedanticsipchecking) {
r = ast_skip_blanks(r);
/* HCOLON has optional SP/HTAB; skip past those */
while (*r == ' ' || *r == '\t') {
++r;
}
if (*r == ':') {
*start = x+1;
return ast_skip_blanks(r+1);

Write Preview
Loading…
Cancel
Save