Asterisk
/
asterisk
mirror of https://github.com/asterisk/asterisk
1
0
Fork 0
Code Issues Releases Wiki Activity

Make sure we don't accept streams we can't handle (bug #3818)

Browse Source 
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@5224 65c4cc65-6c06-0410-ace0-fbb531ad65f3
1.2-netsec
Mark Spencer 21 years ago
parent 1507997410
commit ceadbd2d91
1 changed files with 34 additions and 19 deletions
Show Stats Download Patch File Download Diff File

53
channels/chan_sip.c
Unescape View File

@ -2795,8 +2795,8 @@ static int process_sdp(struct sip_pvt *p, struct sip_request *req)
char host[258]; char host[258];
char iabuf[INET_ADDRSTRLEN]; char iabuf[INET_ADDRSTRLEN];
int len = -1; int len = -1;
int portno=0; int portno = -1;
int vportno=0; int vportno = -1;
int peercapability, peernoncodeccapability; int peercapability, peernoncodeccapability;
int vpeercapability=0, vpeernoncodeccapability=0; int vpeercapability=0, vpeernoncodeccapability=0;
struct sockaddr_in sin; struct sockaddr_in sin;
@ -2839,8 +2839,10 @@ static int process_sdp(struct sip_pvt *p, struct sip_request *req)
sdpLineNum_iterator_init(&iterator); sdpLineNum_iterator_init(&iterator);
ast_set_flag(p, SIP_NOVIDEO); ast_set_flag(p, SIP_NOVIDEO);
while ((m = get_sdp_iterate(&iterator, req, "m"))[0] != '\0') { while ((m = get_sdp_iterate(&iterator, req, "m"))[0] != '\0') {
int found = 0;
if ((sscanf(m, "audio %d RTP/AVP %n", &x, &len) == 1) || if ((sscanf(m, "audio %d RTP/AVP %n", &x, &len) == 1) ||
(sscanf(m, "audio %d/%d RTP/AVP %n", &x, &y, &len) == 2)) { (sscanf(m, "audio %d/%d RTP/AVP %n", &x, &y, &len) == 2)) {
found = 1;
portno = x; portno = x;
/* Scan through the RTP payload types specified in a "m=" line: */ /* Scan through the RTP payload types specified in a "m=" line: */
ast_rtp_pt_clear(p->rtp); ast_rtp_pt_clear(p->rtp);
@ -2862,6 +2864,7 @@ static int process_sdp(struct sip_pvt *p, struct sip_request *req)
ast_rtp_pt_clear(p->vrtp); /* Must be cleared in case no m=video line exists */ ast_rtp_pt_clear(p->vrtp); /* Must be cleared in case no m=video line exists */
if (p->vrtp && (sscanf(m, "video %d RTP/AVP %n", &x, &len) == 1)) { if (p->vrtp && (sscanf(m, "video %d RTP/AVP %n", &x, &len) == 1)) {
found = 1;
ast_clear_flag(p, SIP_NOVIDEO); ast_clear_flag(p, SIP_NOVIDEO);
vportno = x; vportno = x;
/* Scan through the RTP payload types specified in a "m=" line: */ /* Scan through the RTP payload types specified in a "m=" line: */
@ -2879,6 +2882,12 @@ static int process_sdp(struct sip_pvt *p, struct sip_request *req)
while(*codecs && (*codecs < 33)) codecs++; while(*codecs && (*codecs < 33)) codecs++;
} }
} }
if (!found )
ast_log(LOG_WARNING, "Unknown SDP media type in offer: %s\n", m);
}
if (portno == -1 && vportno == -1) {
/* No acceptable offer found in SDP */
return -2;
} }
/* Check for Media-description-level-address for audio */ /* Check for Media-description-level-address for audio */
if (pedanticsipchecking) { if (pedanticsipchecking) {
@ -2938,21 +2947,21 @@ static int process_sdp(struct sip_pvt *p, struct sip_request *req)
*/ */
sdpLineNum_iterator_init(&iterator); sdpLineNum_iterator_init(&iterator);
while ((a = get_sdp_iterate(&iterator, req, "a"))[0] != '\0') { while ((a = get_sdp_iterate(&iterator, req, "a"))[0] != '\0') {
char* mimeSubtype = ast_strdupa(a); /* ensures we have enough space */ char* mimeSubtype = ast_strdupa(a); /* ensures we have enough space */
if (!strcasecmp(a, "sendonly")) { if (!strcasecmp(a, "sendonly")) {
sendonly=1; sendonly=1;
continue; continue;
} }
if (!strcasecmp(a, "sendrecv")) { if (!strcasecmp(a, "sendrecv")) {
sendonly=0; sendonly=0;
} }
if (sscanf(a, "rtpmap: %u %[^/]/", &codec, mimeSubtype) != 2) continue; if (sscanf(a, "rtpmap: %u %[^/]/", &codec, mimeSubtype) != 2) continue;
if (debug) if (debug)
ast_verbose("Found description format %s\n", mimeSubtype); ast_verbose("Found description format %s\n", mimeSubtype);
/* Note: should really look at the 'freq' and '#chans' params too */ /* Note: should really look at the 'freq' and '#chans' params too */
ast_rtp_set_rtpmap_type(p->rtp, codec, "audio", mimeSubtype); ast_rtp_set_rtpmap_type(p->rtp, codec, "audio", mimeSubtype);
if (p->vrtp) if (p->vrtp)
ast_rtp_set_rtpmap_type(p->vrtp, codec, "video", mimeSubtype); ast_rtp_set_rtpmap_type(p->vrtp, codec, "video", mimeSubtype);
} }
/* Now gather all of the codecs that were asked for: */ /* Now gather all of the codecs that were asked for: */
@ -8273,8 +8282,11 @@ static int handle_request_invite(struct sip_pvt *p, struct sip_request *req, int
if (p->owner) { if (p->owner) {
/* Handle SDP here if we already have an owner */ /* Handle SDP here if we already have an owner */
if (!ast_strlen_zero(get_header(req, "Content-Type"))) { if (!ast_strlen_zero(get_header(req, "Content-Type"))) {
if (process_sdp(p, req)) if (process_sdp(p, req)) {
transmit_response(p, "488 Not acceptable here", req);
ast_set_flag(p, SIP_NEEDDESTROY);
return -1; return -1;
}
} else { } else {
p->jointcapability = p->capability; p->jointcapability = p->capability;
ast_log(LOG_DEBUG, "Hm.... No sdp for the moment\n"); ast_log(LOG_DEBUG, "Hm.... No sdp for the moment\n");
@ -8298,8 +8310,11 @@ static int handle_request_invite(struct sip_pvt *p, struct sip_request *req, int
} }
/* Process the SDP portion */ /* Process the SDP portion */
if (!ast_strlen_zero(get_header(req, "Content-Type"))) { if (!ast_strlen_zero(get_header(req, "Content-Type"))) {
if (process_sdp(p, req)) if (process_sdp(p, req)) {
transmit_response(p, "488 Not acceptable here", req);
ast_set_flag(p, SIP_NEEDDESTROY);
return -1; return -1;
}
} else { } else {
p->jointcapability = p->capability; p->jointcapability = p->capability;
ast_log(LOG_DEBUG, "Hm.... No sdp for the moment\n"); ast_log(LOG_DEBUG, "Hm.... No sdp for the moment\n");

Write Preview
Loading…
Cancel
Save