Do not append colon if uri password is NULL #598
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
Although current behavior barely passes RFC requirements (i.e. it's correct), a SIP server should try to be as permissive as possible when receiving, yet strictly adhere to recommended RFC behavior when sending. And appending unnecessary colons to URI usernames doesn't seem to be too recommended. The fix looks great, since it still propagates existing empty-string passwords, if script writer really needs this. Many thanks, @jarrodb ! |
liviuchircu
added a commit
that referenced
this pull request
Aug 12, 2015
Do not append colon if uri password is NULL
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
I agree with @brettnem's assessment of the problem with #593. As @liviuchircu pointed out, this pull requests addresses the problem in
do_action.c:1032where a colon is blindly added if the user exists without consideration for the presence of an actual password... it attempts a memcpy on a NULL pointer no less (albeit with a length of 0).I think if
parse_uri(tmp, len, &uri)<0)finds an actual semi colon after the user and the password IS indeed blank, uri.password.s should be initialized to an empty string""instead of NULL so thatdo_action.c:1032check passes and the current "problematic" behavior will occur. But otherwise, if the password is NULL, the colon should not be appended.This should satisfy the userinfo requirements as well as fix the issue presented.
Thoughts?