parse_param_name(): Improve param parsing macros
Issue discovered during OpenSIPS Security Audit 2021,
    by Alfred Farrugia & Sandro Gauci (Enable Security)

GHSA-jrqg-vppj-hr2h
liviuchircu committed Oct 27, 2021
1 parent af38dad commit dd9141b
Showing 1 changed file with 12 additions and 9 deletions.
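--- a/parser/digest/param_parser.c
+++ b/parser/digest/param_parser.c
@@ -72,6 +72,7 @@
 #define READ(val) \
 (*(val + 0) + (*(val + 1) << 8) + (*(val + 2) << 16) + (*(val + 3) << 24))
 
+#define NEED(bytes) do { if (end - p < (bytes)) goto other; } while (0)
 
 #define name_CASE \
 switch(LOWER_DWORD(val)) { \
@@ -83,28 +84,30 @@
 
 
 #define user_CASE \
-p += 4; \
+p += 4; NEED(4); \
 val = READ(p); \
 name_CASE; \
 goto other;
 
 
 #define real_CASE \
-p += 4; \
+p += 4; NEED(1); \
 if (LOWER_BYTE(*p) == 'm') { \
 *_type = PAR_REALM; \
 p++; \
 goto end; \
-}
+} \
+goto other;
 
 
 #define nonc_CASE \
-p += 4; \
+p += 4; NEED(1); \
 if (LOWER_BYTE(*p) == 'e') { \
 *_type = PAR_NONCE; \
 p++; \
 goto end; \
-}
+} \
+goto other;
 
 
 #define onse_CASE \
@@ -117,14 +120,14 @@
 
 
 #define resp_CASE \
-p += 4; \
+p += 4; NEED(4); \
 val = READ(p); \
 onse_CASE; \
 goto other;
 
 
 #define cnon_CASE \
-p += 4; \
+p += 4; NEED(2); \
 if (LOWER_BYTE(*p) == 'c') { \
 p++; \
 if (LOWER_BYTE(*p) == 'e') { \
@@ -137,7 +140,7 @@
 
 
 #define opaq_CASE \
-p += 4; \
+p += 4; NEED(2); \
 if (LOWER_BYTE(*p) == 'u') { \
 p++; \
 if (LOWER_BYTE(*p) == 'e') { \
@@ -163,7 +166,7 @@
 
 
 #define algo_CASE \
-p += 4; \
+p += 4; NEED(5); \
 val = READ(p); \
 rith_CASE; \
 goto other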
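Review bot: The literals passed to `NEED()` are only correct together with code that is not shown: `NEED(5)` in `algo_CASE` has to cover the four bytes `READ(p)` loads plus one further byte that `rith_CASE` presumably inspects, and the body of `rith_CASE` lies outside the visible hunks, so a later edit to either side could silently reopen the over-read. A short comment at each call site would tie the count to the remaining keyword tail, e.g. `/* "rith" + "m" */` in `algo_CASE` and `/* "name" */` in `user_CASE`. `NEED` also depends on `p`, `end` and the `other` label being in scope where it expands, which a comment above it would make explicit: `/* jump to 'other' unless 'bytes' more bytes are readable at p; uses p, end and label 'other' of the expanding function */`. Because the guard runs after `p += 4`, it further assumes the preceding 4-byte read was itself bounds-checked, which cannot be confirmed from this section.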