Skip to content
Permalink
Browse files Browse the repository at this point in the history
[sipmsgops] fix codec_delete_XX() parsing
Issue discovered during OpenSIPS Security Audit 2021/2022,
by Alfred Farrugia & Sandro Gauci (Enable Security)

GHSA-3ghx-j39m-cw4f
  • Loading branch information
bogdan-iancu committed Mar 24, 2022
1 parent a1406ad commit dd051f8
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion modules/sipmsgops/codecs.c
Expand Up @@ -559,7 +559,7 @@ static int stream_process(struct sip_msg * msg, struct sdp_stream_cell *cell,
/* when trimming the very last payload, avoid trailing ws */
if (cur == lmp->u.value + lmp->len) {
tmp = found.s;
while (*(--tmp) == ' ') {
while (tmp>lmp->u.value && *(--tmp) == ' ') {
found.s--;
found.len++;
}
Expand Down

0 comments on commit dd051f8

Please sign in to comment.