sipwise
/
rtpengine
mirror of https://github.com/sipwise/rtpengine.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Replaced sprintf by snprintf for cdrbuffer

Browse Source 
Avoid buffer overflows.
Also make cdrbuffend -= 1; append spaces to the TRUNCATED message because
syslog trims the output to 8205 chars on a line for big log buffers.
pull/176/head
Frederic-Philippe Metz 10 years ago committed by smititelu
parent d059a6cb43
commit 10f6e51b72
3 changed files with 117 additions and 104 deletions
Show Stats Download Patch File Download Diff File

37
daemon/call.c
Unescape View File

@ -2795,6 +2795,8 @@ struct timeval add_ongoing_calls_dur_in_interval(struct callmaster *m,
return res;
}
#define CDRBUFREMAINDER cdrbufend-cdrbufcur
/* called lock-free, but must hold a reference to the call */
void call_destroy(struct call *c) {
struct callmaster *m = c->callmaster;
@ -2810,7 +2812,9 @@ void call_destroy(struct call *c) {
static const int CDRBUFLENGTH = 4096*2;
char cdrbuffer[CDRBUFLENGTH];
char* cdrbufcur = cdrbuffer;
char* cdrbufend = cdrbuffer+CDRBUFLENGTH-1;
int cdrlinecnt = 0;
int printlen=0;
int found = 0;
const struct rtp_payload_type *rtp_pt;
@ -2842,10 +2846,14 @@ void call_destroy(struct call *c) {
/* CDRs and statistics */
if (_log_facility_cdr) {
cdrbufcur += sprintf(cdrbufcur,"ci=%s, ",c->callid.s);
cdrbufcur += sprintf(cdrbufcur,"created_from=%s, ", c->created_from);
cdrbufcur += sprintf(cdrbufcur,"last_signal=%llu, ", (unsigned long long)c->last_signal);
cdrbufcur += sprintf(cdrbufcur,"tos=%u, ", (unsigned int)c->tos);
printlen = snprintf(cdrbufcur,CDRBUFREMAINDER,"ci=%s, ",c->callid.s);
ADJUSTLEN(printlen,cdrbufend,cdrbufcur);
printlen = snprintf(cdrbufcur,CDRBUFREMAINDER,"created_from=%s, ", c->created_from);
ADJUSTLEN(printlen,cdrbufend,cdrbufcur);
printlen = snprintf(cdrbufcur,CDRBUFREMAINDER,"last_signal=%llu, ", (unsigned long long)c->last_signal);
ADJUSTLEN(printlen,cdrbufend,cdrbufcur);
printlen = snprintf(cdrbufcur,CDRBUFREMAINDER,"tos=%u, ", (unsigned int)c->tos);
ADJUSTLEN(printlen,cdrbufend,cdrbufcur);
}
for (l = c->monologues; l; l = l->next) {
@ -2859,7 +2867,8 @@ void call_destroy(struct call *c) {
timeval_subtract(&tim_result_duration,&ml->terminated,&ml->started);
if (_log_facility_cdr) {
cdrbufcur += sprintf(cdrbufcur, "ml%i_start_time=%ld.%06lu, "
printlen = snprintf(cdrbufcur, CDRBUFREMAINDER,
"ml%i_start_time=%ld.%06lu, "
"ml%i_end_time=%ld.%06ld, "
"ml%i_duration=%ld.%06ld, "
"ml%i_termination=%s, "
@ -2873,6 +2882,7 @@ void call_destroy(struct call *c) {
cdrlinecnt, ml->tag.s,
cdrlinecnt, get_tag_type_text(ml->tagtype),
cdrlinecnt, ml->active_dialogue ? ml->active_dialogue->tag.s : "(none)");
ADJUSTLEN(printlen,cdrbufend,cdrbufcur);
}
ilog(LOG_INFO, "--- Tag '"STR_FORMAT"', created "
@ -2905,10 +2915,11 @@ void call_destroy(struct call *c) {
/* add PayloadType(codec) info in CDR logging */
if (_log_facility_cdr && rtp_pt) {
cdrbufcur += sprintf(cdrbufcur,
"payload_type=%u, ", rtp_pt->payload_type);
printlen = snprintf(cdrbufcur, CDRBUFREMAINDER, "payload_type=%u, ", rtp_pt->payload_type);
ADJUSTLEN(printlen,cdrbufend,cdrbufcur);
} else if (_log_facility_cdr && !rtp_pt) {
cdrbufcur += sprintf(cdrbufcur, "payload_type=unknown, ");
printlen = snprintf(cdrbufcur, CDRBUFREMAINDER, "payload_type=unknown, ");
ADJUSTLEN(printlen,cdrbufend,cdrbufcur);
}
for (o = md->streams.head; o; o = o->next) {
@ -2923,7 +2934,7 @@ void call_destroy(struct call *c) {
const char* protocol = (!PS_ISSET(ps, RTP) && PS_ISSET(ps, RTCP)) ? "rtcp" : "rtp";
if(!PS_ISSET(ps, RTP) && PS_ISSET(ps, RTCP)) {
cdrbufcur += sprintf(cdrbufcur,
printlen = snprintf(cdrbufcur, CDRBUFREMAINDER,
"ml%i_midx%u_%s_endpoint_ip=%s, "
"ml%i_midx%u_%s_endpoint_port=%u, "
"ml%i_midx%u_%s_local_relay_port=%u, "
@ -2945,9 +2956,10 @@ void call_destroy(struct call *c) {
atomic64_get(&ps->last_packet),
cdrlinecnt, md->index, protocol,
ps->stats.in_tos_tclass);
ADJUSTLEN(printlen,cdrbufend,cdrbufcur);
} else {
#if (RE_HAS_MEASUREDELAY)
cdrbufcur += sprintf(cdrbufcur,
printlen = snprintf(cdrbufcur, CDRBUFREMAINDER,
"ml%i_midx%u_%s_endpoint_ip=%s, "
"ml%i_midx%u_%s_endpoint_port=%u, "
"ml%i_midx%u_%s_local_relay_port=%u, "
@ -2975,8 +2987,9 @@ void call_destroy(struct call *c) {
cdrlinecnt, md->index, protocol, (double) ps->stats.delay_min / 1000000,
cdrlinecnt, md->index, protocol, (double) ps->stats.delay_avg / 1000000,
cdrlinecnt, md->index, protocol, (double) ps->stats.delay_max / 1000000);
ADJUSTLEN(printlen,cdrbufend,cdrbufcur);
#else
cdrbufcur += sprintf(cdrbufcur,
printlen = snprintf(cdrbufcur, CDRBUFREMAINDER,
"ml%i_midx%u_%s_endpoint_ip=%s, "
"ml%i_midx%u_%s_endpoint_port=%u, "
"ml%i_midx%u_%s_local_relay_port=%u, "
@ -2998,7 +3011,7 @@ void call_destroy(struct call *c) {
atomic64_get(&ps->last_packet),
cdrlinecnt, md->index, protocol,
ps->stats.in_tos_tclass);
ADJUSTLEN(printlen,cdrbufend,cdrbufcur);
#endif
}
}

10
daemon/call.h
Unescape View File

@ -18,6 +18,16 @@
#include "control_ng.h"
#include "aux.h"
#define TRUNCATED " ... Output truncated. Increase Output Buffer ... \n"
#define truncate_output(x) strcpy(x - strlen(TRUNCATED) - 1, TRUNCATED)
#define ADJUSTLEN(printlen,outbufend,replybuffer) do { \
replybuffer += (printlen>=outbufend-replybuffer)?outbufend-replybuffer:printlen; \
if (replybuffer == outbufend) \
truncate_output(replybuffer); \
} while (0);
enum termination_reason {
UNKNOWN=0,
REGULAR=1,

10
daemon/cli.c
Unescape View File

@ -16,16 +16,6 @@
#include "rtpengine_config.h"
static const char* TRUNCATED = " ... Output truncated. Increase Output Buffer ...\n";
#define truncate_output(x) strcpy(x - strlen(TRUNCATED) - 1, TRUNCATED)
#define ADJUSTLEN(printlen,outbuflen,replybuffer) do { \
replybuffer += (printlen>=outbufend-replybuffer)?outbufend-replybuffer:printlen; \
if (replybuffer == outbufend) \
truncate_output(replybuffer); \
} while (0);
static void cli_incoming_list_totals(char* buffer, int len, struct callmaster* m, char* replybuffer, const char* outbufend) {
int printlen=0;
struct timeval avg, calls_dur_iv;

Write Preview
Loading…
Cancel
Save