From 350b8302cf778478bc2ee88dda0818dc4f37074e Mon Sep 17 00:00:00 2001 From: Daniel-Constantin Mierla Date: Thu, 11 Feb 2016 23:07:56 +0100 Subject: [PATCH] registrar: send 400 if the reg-id value is invalid - reported by GH #497 (cherry picked from commit f39d144e385f1fbf8759ba03e28e69aeb56d6e6a) (cherry picked from commit d137e228044536a52e377e7af8a6c51b955172c4) --- modules/registrar/reply.c | 163 +++++++++++++++++++------------------ modules/registrar/rerrno.h | 9 +- modules/registrar/save.c | 23 +++--- 3 files changed, 100 insertions(+), 95 deletions(-) diff --git a/modules/registrar/reply.c b/modules/registrar/reply.c index b5a67c09a45..d175456c3d9 100644 --- a/modules/registrar/reply.c +++ b/modules/registrar/reply.c @@ -17,8 +17,8 @@ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA * * History: @@ -32,8 +32,8 @@ /*! * \file * \brief SIP registrar module - Send a reply - * \ingroup registrar - */ + * \ingroup registrar + */ #include #include "../../ut.h" @@ -112,10 +112,10 @@ static inline unsigned int calc_buf_len(ucontact_t* c, str *host, int mode) if (qlen) len += Q_PARAM_LEN + qlen; len += EXPIRES_PARAM_LEN + INT2STR_MAX_LEN; if (rcv_param.len>0 && c->received.s) { - len += 1 /* ; */ - + rcv_param.len - + 1 /* = */ - + 1 /* dquote */ + len += 1 /* ; */ + + rcv_param.len + + 1 /* = */ + + 1 /* dquote */ + c->received.len + 1 /* dquote */ ; @@ -212,7 +212,7 @@ int build_contact(sip_msg_t *msg, ucontact_t* c, str *host) } p = contact.buf; - + memcpy(p, CONTACT_BEGIN, CONTACT_BEGIN_LEN); p += CONTACT_BEGIN_LEN; @@ -401,7 +401,7 @@ int build_contact(sip_msg_t *msg, ucontact_t* c, str *host) #define EI_R_PARSE "Message parse error" /* R_PARSE */ #define EI_R_TO_MISS "To header not found" /* R_TO_MISS */ #define EI_R_CID_MISS "Call-ID header not found" /* R_CID_MISS */ -#define EI_R_CS_MISS "CSeq header not found" /* R_CS_MISS */ +#define EI_R_CS_MISS "CSeq header not found" /* R_CS_MISS */ #define EI_R_PARSE_EXP "Expires parse error" /* R_PARSE_EXP */ #define EI_R_PARSE_CONT "Contact parse error" /* R_PARSE_CONT */ #define EI_R_STAR_EXP "* used in contact and expires is not zero" /* R_STAR__EXP */ @@ -417,6 +417,7 @@ int build_contact(sip_msg_t *msg, ucontact_t* c, str *host) #define EI_R_OB_UNSUP "No support for Outbound indicated" /* R_OB_UNSUP */ #define EI_R_OB_REQD "No support for Outbound on server" /* R_OB_REQD */ #define EI_R_OB_UNSUP_EDGE "No support for Outbound on edge proxy" /* R_OB_UNSUP_EDGE */ +#define EI_R_INV_REGID "Invalid Reg-Id number" /* R_INV_REGID */ str error_info[] = { @@ -453,6 +454,7 @@ str error_info[] = { {EI_R_OB_UNSUP, sizeof(EI_R_OB_UNSUP) - 1}, {EI_R_OB_REQD, sizeof(EI_R_OB_REQD) - 1}, {EI_R_OB_UNSUP_EDGE, sizeof(EI_R_OB_UNSUP_EDGE) - 1}, + {EI_R_INV_REGID, sizeof(EI_R_INV_REGID) - 1}, }; int codes[] = { @@ -489,6 +491,7 @@ int codes[] = { 421, /* R_OB_UNSUP */ 420, /* R_OB_REQD */ 439, /* R_OB_UNSUP_EDGE */ + 400, /* R_INV_REGID */ }; @@ -498,20 +501,20 @@ int codes[] = { static int add_retry_after(struct sip_msg* _m) { char* buf, *ra_s; - int ra_len; - - ra_s = int2str(cfg_get(registrar, registrar_cfg, retry_after), &ra_len); - buf = (char*)pkg_malloc(RETRY_AFTER_LEN + ra_len + CRLF_LEN); - if (!buf) { - LM_ERR("no pkg memory left\n"); - return -1; - } - memcpy(buf, RETRY_AFTER, RETRY_AFTER_LEN); - memcpy(buf + RETRY_AFTER_LEN, ra_s, ra_len); - memcpy(buf + RETRY_AFTER_LEN + ra_len, CRLF, CRLF_LEN); - add_lump_rpl(_m, buf, RETRY_AFTER_LEN + ra_len + CRLF_LEN, - LUMP_RPL_HDR | LUMP_RPL_NODUP); - return 0; + int ra_len; + + ra_s = int2str(cfg_get(registrar, registrar_cfg, retry_after), &ra_len); + buf = (char*)pkg_malloc(RETRY_AFTER_LEN + ra_len + CRLF_LEN); + if (!buf) { + LM_ERR("no pkg memory left\n"); + return -1; + } + memcpy(buf, RETRY_AFTER, RETRY_AFTER_LEN); + memcpy(buf + RETRY_AFTER_LEN, ra_s, ra_len); + memcpy(buf + RETRY_AFTER_LEN + ra_len, CRLF, CRLF_LEN); + add_lump_rpl(_m, buf, RETRY_AFTER_LEN + ra_len + CRLF_LEN, + LUMP_RPL_HDR | LUMP_RPL_NODUP); + return 0; } #define PATH "Path: " @@ -521,17 +524,17 @@ static int add_path(struct sip_msg* _m, str* _p) { char* buf; - buf = (char*)pkg_malloc(PATH_LEN + _p->len + CRLF_LEN); - if (!buf) { - LM_ERR("no pkg memory left\n"); - return -1; - } - memcpy(buf, PATH, PATH_LEN); - memcpy(buf + PATH_LEN, _p->s, _p->len); - memcpy(buf + PATH_LEN + _p->len, CRLF, CRLF_LEN); - add_lump_rpl(_m, buf, PATH_LEN + _p->len + CRLF_LEN, - LUMP_RPL_HDR | LUMP_RPL_NODUP); - return 0; + buf = (char*)pkg_malloc(PATH_LEN + _p->len + CRLF_LEN); + if (!buf) { + LM_ERR("no pkg memory left\n"); + return -1; + } + memcpy(buf, PATH, PATH_LEN); + memcpy(buf + PATH_LEN, _p->s, _p->len); + memcpy(buf + PATH_LEN + _p->len, CRLF, CRLF_LEN); + add_lump_rpl(_m, buf, PATH_LEN + _p->len + CRLF_LEN, + LUMP_RPL_HDR | LUMP_RPL_NODUP); + return 0; } #define UNSUPPORTED "Unsupported: " @@ -541,17 +544,17 @@ static int add_unsupported(struct sip_msg* _m, str* _p) { char* buf; - buf = (char*)pkg_malloc(UNSUPPORTED_LEN + _p->len + CRLF_LEN); - if (!buf) { - LM_ERR("no pkg memory left\n"); - return -1; - } - memcpy(buf, UNSUPPORTED, UNSUPPORTED_LEN); - memcpy(buf + UNSUPPORTED_LEN, _p->s, _p->len); - memcpy(buf + UNSUPPORTED_LEN + _p->len, CRLF, CRLF_LEN); - add_lump_rpl(_m, buf, UNSUPPORTED_LEN + _p->len + CRLF_LEN, - LUMP_RPL_HDR | LUMP_RPL_NODUP); - return 0; + buf = (char*)pkg_malloc(UNSUPPORTED_LEN + _p->len + CRLF_LEN); + if (!buf) { + LM_ERR("no pkg memory left\n"); + return -1; + } + memcpy(buf, UNSUPPORTED, UNSUPPORTED_LEN); + memcpy(buf + UNSUPPORTED_LEN, _p->s, _p->len); + memcpy(buf + UNSUPPORTED_LEN + _p->len, CRLF, CRLF_LEN); + add_lump_rpl(_m, buf, UNSUPPORTED_LEN + _p->len + CRLF_LEN, + LUMP_RPL_HDR | LUMP_RPL_NODUP); + return 0; } #define REQUIRE "Require: " @@ -561,17 +564,17 @@ static int add_require(struct sip_msg* _m, str* _p) { char* buf; - buf = (char*)pkg_malloc(REQUIRE_LEN + _p->len + CRLF_LEN); - if (!buf) { - LM_ERR("no pkg memory left\n"); - return -1; - } - memcpy(buf, REQUIRE, REQUIRE_LEN); - memcpy(buf + REQUIRE_LEN, _p->s, _p->len); - memcpy(buf + REQUIRE_LEN + _p->len, CRLF, CRLF_LEN); - add_lump_rpl(_m, buf, REQUIRE_LEN + _p->len + CRLF_LEN, - LUMP_RPL_HDR | LUMP_RPL_NODUP); - return 0; + buf = (char*)pkg_malloc(REQUIRE_LEN + _p->len + CRLF_LEN); + if (!buf) { + LM_ERR("no pkg memory left\n"); + return -1; + } + memcpy(buf, REQUIRE, REQUIRE_LEN); + memcpy(buf + REQUIRE_LEN, _p->s, _p->len); + memcpy(buf + REQUIRE_LEN + _p->len, CRLF, CRLF_LEN); + add_lump_rpl(_m, buf, REQUIRE_LEN + _p->len + CRLF_LEN, + LUMP_RPL_HDR | LUMP_RPL_NODUP); + return 0; } #define SUPPORTED "Supported: " @@ -581,17 +584,17 @@ static int add_supported(struct sip_msg* _m, str* _p) { char* buf; - buf = (char*)pkg_malloc(SUPPORTED_LEN + _p->len + CRLF_LEN); - if (!buf) { - LM_ERR("no pkg memory left\n"); - return -1; - } - memcpy(buf, SUPPORTED, SUPPORTED_LEN); - memcpy(buf + SUPPORTED_LEN, _p->s, _p->len); - memcpy(buf + SUPPORTED_LEN + _p->len, CRLF, CRLF_LEN); - add_lump_rpl(_m, buf, SUPPORTED_LEN + _p->len + CRLF_LEN, - LUMP_RPL_HDR | LUMP_RPL_NODUP); - return 0; + buf = (char*)pkg_malloc(SUPPORTED_LEN + _p->len + CRLF_LEN); + if (!buf) { + LM_ERR("no pkg memory left\n"); + return -1; + } + memcpy(buf, SUPPORTED, SUPPORTED_LEN); + memcpy(buf + SUPPORTED_LEN, _p->s, _p->len); + memcpy(buf + SUPPORTED_LEN + _p->len, CRLF, CRLF_LEN); + add_lump_rpl(_m, buf, SUPPORTED_LEN + _p->len + CRLF_LEN, + LUMP_RPL_HDR | LUMP_RPL_NODUP); + return 0; } #define FLOW_TIMER "Flow-Timer: " @@ -603,20 +606,20 @@ static int add_flow_timer(struct sip_msg* _m) int lump_len; /* Add three as REG_FLOW_TIMER_MAX is 999 - three digits */ - buf = (char*)pkg_malloc(FLOW_TIMER_LEN + 3 + CRLF_LEN); - if (!buf) { - LM_ERR("no pkg memory left\n"); - return -1; - } + buf = (char*)pkg_malloc(FLOW_TIMER_LEN + 3 + CRLF_LEN); + if (!buf) { + LM_ERR("no pkg memory left\n"); + return -1; + } lump_len = snprintf(buf, FLOW_TIMER_LEN + 3 + CRLF_LEN, "%.*s%d%.*s", (int)FLOW_TIMER_LEN, FLOW_TIMER, reg_flow_timer, (int)CRLF_LEN, CRLF); - add_lump_rpl(_m, buf, lump_len, LUMP_RPL_HDR | LUMP_RPL_NODUP); - return 0; + add_lump_rpl(_m, buf, lump_len, LUMP_RPL_HDR | LUMP_RPL_NODUP); + return 0; } - + /*! \brief * Send a reply */ @@ -679,7 +682,7 @@ int reg_send_reply(struct sip_msg* _m) return -1; if ((get_require(_m) & F_OPTION_TAG_OUTBOUND) - || (get_supported(_m) & F_OPTION_TAG_OUTBOUND)) { + || (get_supported(_m) & F_OPTION_TAG_OUTBOUND)) { if (add_require(_m, &outbound_str) < 0) return -1; @@ -715,7 +718,7 @@ int reg_send_reply(struct sip_msg* _m) case 500: msg.s = MSG_500; msg.len = sizeof(MSG_500)-1;break; case 503: msg.s = MSG_503; msg.len = sizeof(MSG_503)-1;break; } - + if (code != 200) { buf = (char*)pkg_malloc(E_INFO_LEN + error_info[rerrno].len + CRLF_LEN + 1); if (!buf) { @@ -732,9 +735,9 @@ int reg_send_reply(struct sip_msg* _m) if (add_retry_after(_m) < 0) { return -1; } - } + } } - + if (slb.freply(_m, code, &msg) < 0) { LM_ERR("failed to send %ld %.*s\n", code, msg.len,msg.s); return -1; diff --git a/modules/registrar/rerrno.h b/modules/registrar/rerrno.h index c7624b01a45..224a051d4fd 100644 --- a/modules/registrar/rerrno.h +++ b/modules/registrar/rerrno.h @@ -17,16 +17,16 @@ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA */ /*! * \file * \brief SIP registrar module - registrar errno - * \ingroup registrar - */ + * \ingroup registrar + */ #ifndef RERRNO_H @@ -67,6 +67,7 @@ typedef enum rerr { R_OB_UNSUP, /*!< Outbound not supported by UAC */ R_OB_REQD, /*!< Outbound required by UAC but not supported on server */ R_OB_UNSUP_EDGE, /*!< Outbound needed for this registration but not supported on edge proxy */ + R_INV_REGID, /*!< Invalid Reg-Id value */ } rerr_t; diff --git a/modules/registrar/save.c b/modules/registrar/save.c index 6d3f24091fb..749270b0367 100644 --- a/modules/registrar/save.c +++ b/modules/registrar/save.c @@ -18,8 +18,8 @@ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA * * History: @@ -41,8 +41,8 @@ /*! * \file * \brief SIP registrar module - Process REGISTER request and send reply - * \ingroup registrar - */ + * \ingroup registrar + */ #include "../../str.h" @@ -87,8 +87,8 @@ static int q_override_msg_id; static qvalue_t q_override_value; /*! \brief - * Process request that contained a star, in that case, - * we will remove all bindings with the given username + * Process request that contained a star, in that case, + * we will remove all bindings with the given username * from the usrloc and return 200 OK response */ static inline int star(sip_msg_t *_m, udomain_t* _d, str* _a, str *_h) @@ -415,6 +415,7 @@ static inline ucontact_info_t* pack_ci( struct sip_msg* _m, contact_t* _c, unsig if(str2int(&_c->reg_id->body, &ci.reg_id)<0 || ci.reg_id==0) { LM_ERR("invalid reg-id value\n"); + rerrno = R_INV_REGID; goto error; } } @@ -503,7 +504,7 @@ static inline int insert_contacts(struct sip_msg* _m, udomain_t* _d, str* _a, in if (maxc > 0 && num >= maxc) { - LM_INFO("too many contacts (%d) for AOR <%.*s>\n", + LM_INFO("too many contacts (%d) for AOR <%.*s>\n", num, _a->len, _a->s); rerrno = R_TOO_MANY; goto error; @@ -548,7 +549,7 @@ static inline int insert_contacts(struct sip_msg* _m, udomain_t* _d, str* _a, in if (tcp_check) { /* parse contact uri to see if transport is TCP */ if (parse_uri( _c->uri.s, _c->uri.len, &uri)<0) { - LM_ERR("failed to parse contact <%.*s>\n", + LM_ERR("failed to parse contact <%.*s>\n", _c->uri.len, _c->uri.s); } else if (uri.proto==PROTO_TCP || uri.proto==PROTO_TLS || uri.proto==PROTO_WS || uri.proto==PROTO_WSS) { if (e_max) { @@ -767,10 +768,10 @@ static inline int update_contacts(struct sip_msg* _m, urecord_t* _r, int _mode, updated=1; } /* If call-id has changed then delete all records with this sip.instance - then insert new record */ + * then insert new record */ if (ci->instance.s != NULL && (ci->callid->len != c->callid.len || - strncmp(ci->callid->s, c->callid.s, ci->callid->len) != 0)) + strncmp(ci->callid->s, c->callid.s, ci->callid->len) != 0)) { ptr = _r->contacts; while (ptr) @@ -797,7 +798,7 @@ static inline int update_contacts(struct sip_msg* _m, urecord_t* _r, int _mode, if (tcp_check) { /* parse contact uri to see if transport is TCP */ if (parse_uri( _c->uri.s, _c->uri.len, &uri)<0) { - LM_ERR("failed to parse contact <%.*s>\n", + LM_ERR("failed to parse contact <%.*s>\n", _c->uri.len, _c->uri.s); } else if (uri.proto==PROTO_TCP || uri.proto==PROTO_TLS || uri.proto==PROTO_WS || uri.proto==PROTO_WSS) { if (e_max>0) {