From 69f9b0a4d5261ec5b6d8d7163b3809a9bb24916d Mon Sep 17 00:00:00 2001
From: Daniel-Constantin Mierla
Date: Thu, 11 Apr 2019 09:37:25 +0200
Subject: [PATCH] core: parse - validity check for contact uri size and more verbose log message
---
 src/core/parser/contact/contact.c | 9 +++++++++
 1 file changed, 9 insertions(+)
diff --git a/src/core/parser/contact/contact.c b/src/core/parser/contact/contact.c
index 61a40e3bd80..650740b1a13 100644
--- a/src/core/parser/contact/contact.c
+++ b/src/core/parser/contact/contact.c
@@ -182,6 +182,9 @@ int parse_contacts(str* _s, contact_t** _c)
 {
 contact_t* c;
 param_hooks_t hooks;
+ str sv;
+
+ sv = *_s;
 while(1) { /* Allocate and clear contact structure */
@@ -220,6 +223,10 @@ int parse_contacts(str* _s, contact_t** _c)
 }
 trim(&c->uri);
+ if((c->uri.len <= 0) || (c->uri.s + c->uri.len > sv.s + sv.len)) {
+ LM_ERR("invlid contact uri\n");
+ goto error;
+ }
 if (_s->len == 0) goto ok;
@@ -265,6 +272,8 @@ int parse_contacts(str* _s, contact_t** _c)
 }
 error:
+ LM_ERR("failure parsing '%.*s' (%d) [%p/%p/%d]\n", sv.len, sv.s, sv.len,
+ sv.s, _s->s, (int)(_s->s - sv.s));
 if (c) pkg_free(c);
 free_contacts(_c); /* Free any contacts created so far */
 return -1;
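Review bot: The bounds check added after `trim(&c->uri)` in the second hunk only tests the end of the URI against the end of the saved buffer; it never checks that `c->uri.s` is at or after `sv.s`, and it computes `c->uri.s + c->uri.len` before knowing that the sum stays inside the buffer. Comparing offsets covers both cases without forming an out-of-range pointer: `if (c->uri.len <= 0 || c->uri.s < sv.s || c->uri.len > sv.len - (int)(c->uri.s - sv.s)) {`. The message on the next line is misspelled and harder to grep for; `LM_ERR("invalid contact uri\n");` is what was meant. The code that sets `c->uri.s` and `c->uri.len` is outside this hunk, so whether a start pointer below `sv.s` can actually occur should be confirmed against the full function.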
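Review bot: The `LM_ERR` added under the `error:` label in the third hunk writes the whole saved input (`'%.*s'` with `sv.len`) to the error log, and in a contact parser that text presumably comes straight from a received message. Unbounded, unsanitised header bytes at error level let a remote sender inflate the log or place control characters in it. Cap the precision, for example `(sv.len > 64 ? 64 : sv.len)` as the first argument (64 is an illustrative limit), and move the raw pointers to a debug-level message. `%p` formally expects `void *`, so the pointer arguments should be `(void*)sv.s, (void*)_s->s`. The label is reached by every `goto error` in the function, including ones outside this hunk, so the message may also appear for failures that are not parse errors.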