Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

sipcapture: "core parsing of SIP message failed" with tcp defragmented message #9

Closed
ultraboby opened this issue Dec 11, 2014 · 11 comments
Closed

sipcapture: "core parsing of SIP message failed" with tcp defragmented message #9

ultraboby opened this issue Dec 11, 2014 · 11 comments

Comments

@ultraboby
Copy link

Contact: sip:xxxxxxxxxxxx@x.x.x.x:5060;alias=x.x.x.x480942;+g.3gpp.icsi-ref="urn%3Aurn-7%3A3gpp-service>
4(21951) ERROR: [receive.c:149]: receive_msg(): core parsing of SIP message failed (x.x.x.x:5060/1)
4(21951) ERROR: [parser/msg_parser.c:277]: get_hdr_field(): ERROR: get_hdr_field: bad body for <Contact: sip:x.x.x.x@x.x.x.x:5060;alias=x.x.x.x~48094~2;+g.3gpp.icsi-ref="urn%3Aurn-7%3A3gpp-service>(7)
4(21951) INFO: [parser/msg_parser.c:355]: parse_headers(): ERROR: bad header field [Contact: <sip:xxxxx]
4(21951) ERROR: [parser/msg_parser.c:705]: parse_msg(): ERROR: parse_msg: message=<INVITE sip:xxxxxxxxxxxx@x.x.x.x:5060;alias=x.x.x.x50601 SIP/2.0
@ultraboby ultraboby changed the title "core parsing of SIP message failed" with tcp defragmented message sipcapture "core parsing of SIP message failed" with tcp defragmented message Dec 11, 2014
@ultraboby ultraboby changed the title sipcapture "core parsing of SIP message failed" with tcp defragmented message sipcapture: "core parsing of SIP message failed" with tcp defragmented message Dec 11, 2014
@miconda
Copy link
Member

miconda commented Dec 11, 2014

It looks like parameter +g.3gpp.icsi-ref has an invalid value -- the values for URI parameters must not be enclosed in double-quotes. Maybe you can paste full SIP message here in order to see exactly how the Contact body is.

@adubovikov
Copy link
Member

also will be good to know how you duplicate SIP messages: captagent, sip_trace ?

@ultraboby
Copy link
Author

I use the captagent with tcpdefrag on, the full message is this:

INVITE sip:xxxxx00000000xx@10.x.x.x:5060;alias=10.x.x.x50601 SIP/2.0.
Record-Route: sip:mt@10.x.x.x;lr=on;ftag=989164876;did=34f.4102.
Route: sip:term@pcscf1.ims.mncxxx.mccxxx.3gppnetwork.org:5060;nat=yes;received=sip:10.x.x.x:5060;lr.
Record-Route: sip:mo@10.x.x.x;lr=on;ftag=989164876;did=34f.4102.
Record-Route: sip:mo@10.x.x.x;lr=on;ftag=989164876;did=34f.4102.
Record-Route: sip:mo@10.x.x.x;lr=on;ftag=989164876;did=34f.4102.
Record-Route: sip:mo@10.x.x.x;r2=on;lr=on;ftag=989164876;nat=yes;did=34f.63a1.
Record-Route: sip:mo@x.x.x.x;transport=tcp;r2=on;lr=on;ftag=989164876;nat=yes;did=34f.63a1.
Supported: timer,100rel,histinfo.
Allow: INVITE,ACK,OPTIONS,CANCEL,BYE,UPDATE,INFO,REFER,NOTIFY,MESSAGE,PRACK.
User-Agent: SLICK IMS 4.0.0.
Accept-Contact: *;+g.3gpp.icsi-ref="urn%3Aurn-7%3A3gpp-service.ims.icsi.mmtel";video.
P-Access-Network-Info: 3GPP-E-UTRAN-FDD;utran-cell-id-3gpp=xxxxx0001003exxx.
Session-Expires: 90;refresher=uac.
Min-SE: 90.
Content-Type: application/sdp.
From: sip:xxxxxxxxxxxx@ims.mncxxx.mccxxx.3gppnetwork.org;tag=989164876.
To: sip:xxxxxxxxxxxx;phone-context=ims.mncxxx.mccxxx.3gppnetwork.org@ims.mncxxx.mccxxx.3gppnetwork.org;user=phone.
Call-ID: 3450437327@10.x.x.x.
CSeq: 1 INVITE.
Max-Forwards: 62.
Contact: sip:xxxxxxxxxxxx@10.x.x.x:5060;alias=10.x.x.x609112;+g.3gpp.icsi-ref="urn%3Aurn-7%3A3gpp-service.ims.icsi.mmtel";video;+sip.instance="urn:gsma:imei:xxxxxxxx-366xxx-0".
Via: SIP/2.0/UDP 10.x.x.x;branch=z9hG4bKa7fa.9efd9ce385fb13f74a5c5c05297259de.0.
Via: SIP/2.0/UDP 10.x.x.x;branch=z9hG4bKa7fa.107170e92de6f030e36152a16765d6f2.1.
Via: SIP/2.0/UDP 10.x.x.x;branch=z9hG4bKa7fa.bd4c16c8762c5d272df661535d90582b.0.
Via: SIP/2.0/UDP 10.x.x.x;branch=z9hG4bKa7fa.1281fe88ecb5727ef9c6ffa477d8d767.0.
Via: SIP/2.0/UDP 10.x.x.x;branch=z9hG4bKa7fa.7d1a7a52f59ce8183dc2caf395526087.0.
Via: SIP/2.0/UDP 10.x.x.x;branch=z9hG4bKa7fa.5e05862dc0ba03d6e267df36fc2d9df1.0.
Via: SIP/2.0/UDP 10.x.x.x;branch=z9hG4bKa7fa.f94b72d4e2f2ced2dac00f9989579d93.0.
Via: SIP/2.0/UDP 10.x.x.x;branch=z9hG4bKa7fa.3ee4edab07004b5c1244ea2de9334ea9.0;i=5.
Via: SIP/2.0/TCP 10.x.x.x:5060;received=10.x.x.x;branch=z9hG4bK312549297smg;transport=TCP;rport=60911.
Content-Length: 474.
P-Asserted-Identity: sip:xxxxxxxxxxxx@ims.mncxxx.mccxxx.3gppnetwork.org.

This part is missing in homer:

X-RTP: mo.
.
v=0.
o=SAMSUNG-IMS-UE 12345629 0 IN IP4 x.x.x.x.
s=SS VOIP.
i=A VOIP Session.
c=IN IP4 x.x.x.x.
t=0 0.
m=audio 30708 RTP/AVP 107 96 110.
b=AS:38.
b=RS:375.
b=RR:1125.
a=rtpmap:107 AMR-WB/16000/1.
a=fmtp:107 octet-align=1;mode-set=2;mode-change-capability=2;max-red=220.
a=rtpmap:96 AMR/8000/1.
a=fmtp:96 octet-align=1;mode-change-capability=2;max-red=220.
a=rtpmap:110 telephone-event/8000.
a=fmtp:110 0-15.
a=ptime:20.
a=maxptime:240.
a=sendrecv.
a=rtcp:30709.

@adubovikov
Copy link
Member

as Daniel already told, the URI parameter should not contain non escaped double quotes:
https://www.ietf.org/rfc/rfc3261.txt

URI parameters: Parameters affecting a request constructed from
the URI.

     URI parameters are added after the hostport component and are
     separated by semi-colons.

     URI parameters take the form:

        parameter-name "=" parameter-value

     Even though an arbitrary number of URI parameters may be
     included in a URI, any given parameter-name MUST NOT appear
     more than once.

The angle-bracket "<" and ">" and double-quote (") characters are
excluded because they are often used as the delimiters around URI in
text documents and protocol fields. The character "#" is excluded
because it is used to delimit a URI from a fragment identifier in URI
references (Section 4). The percent character "%" is excluded because
it is used for the encoding of escaped characters.

delims = "<" | ">" | "#" | "%" | <">

ask your vendor to fix it or make a workaround in the captagent/sipcapture module

@miconda
Copy link
Member

miconda commented Dec 12, 2014

I expect that the contact should be like:

Contact: sip:xxxxxxxxxxxx@10.x.x.x:5060;alias=10.x.x.x609112;+g.3gpp.icsi-ref="urn%3Aurn-7%3A3gpp-service.ims.icsi.mmtel";video;+sip.instance="urn:gsma:imei:xxxxxxxx-366xxx-0"

Starting with +g.3gpp.icsi-ref, it should be header parameter, not uri -- the uri is enclosed in between < >.

It might be that a node in the path is building the wrong Contact format.

@ultraboby
Copy link
Author

invite

@miconda
Copy link
Member

miconda commented Dec 12, 2014

The contact from attached screenshot seems ok, do you still get troubles with it?

@ultraboby
Copy link
Author

yes.. the previous ( copy/paste) post not showing all symbols ( characters )

@miconda
Copy link
Member

miconda commented Dec 12, 2014

To understand properly, the invite in screenshot is coming to kamailio server and the one you pasted as text before is received by sipcapture node, mirrored by capture agent?

You paste here data but don't give any description from where you took it and the context when it happens. It is hard to guess and therefore impossible to really help.

@ultraboby
Copy link
Author

the message is from kamailio sipcapture node who recieved it from captagent

This was referenced Jan 17, 2015
Closed
Closed
@ultraboby
Copy link
Author

The problem is in the sip_captute table , column msg - the Length is too small in my case..

@00Asgaroth00 00Asgaroth00 mentioned this issue Jul 7, 2015
Closed
@andreikabeliy andreikabeliy mentioned this issue Jul 9, 2015
Closed
@mading087 mading087 mentioned this issue Aug 18, 2015
Closed
@MayamaTakeshi MayamaTakeshi mentioned this issue Sep 18, 2015
Closed
@jijo2010 jijo2010 mentioned this issue Oct 6, 2015
Closed
@jayesh1017 jayesh1017 mentioned this issue Dec 7, 2015
Closed
@smititelu smititelu mentioned this issue Jan 6, 2016
Closed
@BroWater BroWater mentioned this issue Jan 7, 2016
Closed
@pwarnold pwarnold mentioned this issue Feb 5, 2016
Closed
@lfzaracho lfzaracho mentioned this issue Apr 14, 2016
Closed
@WhoSunilMore WhoSunilMore mentioned this issue May 13, 2016
Closed
@lglayal lglayal mentioned this issue Jul 11, 2016
Closed
@dragos-oancea dragos-oancea mentioned this issue Jul 19, 2016
Merged
@davyvdm davyvdm mentioned this issue Nov 28, 2016
Closed
@qmphan qmphan mentioned this issue Jan 27, 2017
Closed
@davyvdm davyvdm mentioned this issue Apr 4, 2017
Closed
@amoizard amoizard mentioned this issue Feb 8, 2018
Closed
@theblackworld theblackworld mentioned this issue May 4, 2018
Closed
@lasseo lasseo mentioned this issue Jul 2, 2018
Closed
@ForGuru ForGuru mentioned this issue Jan 9, 2019
Closed
@srinikart srinikart mentioned this issue Feb 4, 2019
Closed
@alkorik alkorik mentioned this issue Feb 11, 2019
Closed
@shaunjstokes shaunjstokes mentioned this issue Apr 15, 2019
Closed
@Jaykah Jaykah mentioned this issue Jul 1, 2019
Closed
@marcocapetta marcocapetta mentioned this issue Sep 27, 2019
Closed
@ekke56 ekke56 mentioned this issue Nov 13, 2019
Closed
guillemj added a commit to guillemj/kamailio that referenced this issue Nov 14, 2019
@guillemj
core: switch to not use SIG_DEBUG by default
d91d935 
The code enabled by SIG_DEBUG inside signal handlers is
async-signal-unsafe (see the signal-safetey(7) man page), as it calls
at least syslog(3) and stdio functions.

During a daemon shutdown via a SIGTERM, we got a crash in isatty(3) due
to stack exhaustion from infinite nested calls within stdio coming from
the syslog(3) in src/main.c:sig_usr():

  #0  0x00007f691903fe6d in __isatty (fd=2) at ../sysdeps/posix/isatty.c:24
        term = <error reading variable term (Cannot access memory at address 0x7fffa44f4fb0)>
  kamailio#1  0x00007f6918fc37bb in local_isatty (fd=<optimized out>)
  kamailio#2  __GI__IO_file_doallocate (fp=0x7f6919110680 <_IO_2_1_stderr_>)
  kamailio#3  0x00007f6918fd1700 in __GI__IO_doallocbuf (
  kamailio#4  0x00007f6918fd0988 in _IO_new_file_overflow (
  kamailio#5  0x00007f6918fcfa8f in _IO_new_file_xsputn (n=8, data=<optimized out>,
  kamailio#6  _IO_new_file_xsputn (f=0x7f6919110680 <_IO_2_1_stderr_>,
  7  0x00007f6918fa41fb in _IO_vfprintf_internal (
  kamailio#8  0x00007f6918fc32e8 in locked_vfxprintf (
  kamailio#9  0x00007f6918fc3469 in __fxprintf (fp=0x7f6919110680 <_IO_2_1_stderr_>,
  kamailio#10 0x00007f6918fd3a50 in __malloc_assert (
  kamailio#11 0x00007f6918fd5e6f in sysmalloc (nb=nb@entry=4112,
  kamailio#12 0x00007f6918fd72c9 in _int_malloc (
  kamailio#13 0x00007f6918fd83e3 in __GI___libc_malloc (bytes=bytes@entry=4096)

  [ next calls nested until stack exhaustion ]

  #41030 0x00007f6918fc371c in __GI__IO_file_doallocate (
  #41031 0x00007f6918fd1700 in __GI__IO_doallocbuf (
  #41032 0x00007f6918fd0988 in _IO_new_file_overflow (
  #41033 0x00007f6918fcfa8f in _IO_new_file_xsputn (n=8, data=<optimized out>,
  #41034 _IO_new_file_xsputn (f=0x7f6919110680 <_IO_2_1_stderr_>,
  #41035 0x00007f6918fa41fb in _IO_vfprintf_internal (
  #41036 0x00007f6918fc32e8 in locked_vfxprintf (
  #41037 0x00007f6918fc3469 in __fxprintf (fp=0x7f6919110680 <_IO_2_1_stderr_>,
  #41038 0x00007f6918fd3a50 in __malloc_assert (
  #41039 0x00007f6918fd5e6f in sysmalloc (nb=nb@entry=4112,
  #41040 0x00007f6918fd72c9 in _int_malloc (
  #41041 0x00007f6918fd83e3 in __GI___libc_malloc (bytes=bytes@entry=4096)
  #41042 0x00007f6918fc371c in __GI__IO_file_doallocate (
  #41043 0x00007f6918fd1700 in __GI__IO_doallocbuf (
  #41044 0x00007f6918fd0988 in _IO_new_file_overflow (
  #41045 0x00007f6918fcfa8f in _IO_new_file_xsputn (n=8, data=<optimized out>,
  #41046 _IO_new_file_xsputn (f=0x7f6919110680 <_IO_2_1_stderr_>,
  #41047 0x00007f6918fa41fb in _IO_vfprintf_internal (
  #41048 0x00007f6918fc32e8 in locked_vfxprintf (
  #41049 0x00007f6918fc3469 in __fxprintf (fp=0x7f6919110680 <_IO_2_1_stderr_>,
  #41050 0x00007f6918fd3a50 in __malloc_assert (
  #41051 0x00007f6918fd5e6f in sysmalloc (nb=nb@entry=8208,
  #41052 0x00007f6918fd72c9 in _int_malloc (
  #41053 0x00007f6918fd91a2 in __libc_calloc (n=n@entry=1,
  #41054 0x00007f6918fcc0b3 in __GI___open_memstream (
  #41055 0x00007f69190477e0 in __GI___vsyslog_chk (pri=189, flag=-1,
  #41056 0x00007f6919047d4c in __syslog (pri=<optimized out>,
  #41057 0x0000563a58b01c08 in sig_usr (signo=<optimized out>) at main.c:857
  #41058 sig_usr (signo=<optimized out>) at main.c:816
  #41059 <signal handler called>

While this is certainly not easy to trigger, it's still not correct to
leave enabled in production builds. It might be an acceptable tradeoff
as a debugging aid, though.

So we switch the the code to off by default, and swap the meaning of the
macro to enable the unsafe debugging, to match.
@iliesh iliesh mentioned this issue Nov 27, 2019
Closed
@dkovik dkovik mentioned this issue Dec 18, 2019
Closed
@harishyadav1465 harishyadav1465 mentioned this issue Feb 19, 2020
Closed
@buzhaodi buzhaodi mentioned this issue May 11, 2020
Closed
@korizza korizza mentioned this issue Aug 20, 2020
Closed
@joeygo joeygo mentioned this issue Sep 3, 2020
Closed
@aatif218 aatif218 mentioned this issue Jan 25, 2021
Closed
@juha-h juha-h mentioned this issue Feb 2, 2021
Closed
@sergey-safarov sergey-safarov mentioned this issue Jul 22, 2021
Closed
@gtt1995 gtt1995 mentioned this issue Jan 5, 2022
Closed
@davidvoisonics davidvoisonics mentioned this issue Jun 13, 2022
Closed
@hardikpatel89 hardikpatel89 mentioned this issue Jul 19, 2022
Closed
nickvsnetworking pushed a commit to nickvsnetworking/kamailio that referenced this issue Aug 24, 2022
@miconda @nickvsnetworking
# This is a combination of 23 commits.
b9fa793 
# This is the 1st commit message:

ss7ops: updated with relocation of lib/srutils to core/utils

# This is the commit message #2:

tmrec: updated with relocation of lib/srutils to core/utils

# This is the commit message #3:

topos: updated with relocation of lib/srutils to core/utils

# This is the commit message #4:

uac_redirect: updated with relocation of lib/srutils to core/utils

# This is the commit message kamailio#5:

usrloc: updated with relocation of lib/srutils to core/utils

# This is the commit message kamailio#6:

pkg: obs spec - removed lib/srutils from rpm pacaging

# This is the commit message kamailio#7:

core: crypto, utils - updated comments referencing srutils after relocation

# This is the commit message kamailio#8:

corex: declare nio specific globals in c file

# This is the commit message kamailio#9:

Makefile.defs: add -lm to linker flags

- on some linux distros is not linked by default

# This is the commit message kamailio#10:

pipelimit: make error log debug in rpc command when pipe not found

- error code is returned to rpc command

# This is the commit message kamailio#11:

tls: proper match of config profile by server id

# This is the commit message kamailio#12:

http_client: typo in variable name for network interface

# This is the commit message kamailio#13:

core: dprint - new flags for long engine json

- a: prefix attribute names with application name
- A: do not prefix message attribute with application name (when 'a' is
set)

# This is the commit message kamailio#14:

sipdump: small whitespace fixes

# This is the commit message kamailio#15:

sipdump: option to run event_route[sipdump:msg] on rcv/snd messages

- new modparam mode to control the behaviour, its values can be built
from flags:
  - 1 - write to files (the existing behaviour), default
  - 2 - execute event route
- inside event route, $sipdump(...) variable is available to get the
buffer content and other related attributes
- new modparam event_callback to set the KEMI function to be run instead
of the event route

# This is the commit message kamailio#16:

sipdump: docs for mode and event_callback parameters

# This is the commit message kamailio#17:

sipdump: docs for event route sipdump:msg

# This is the commit message kamailio#18:

modules: readme files regenerated - sipdump ... [skip ci]

# This is the commit message kamailio#19:

sipdump: kemi functions to return buf and tag values

# This is the commit message kamailio#20:

seas: docs - removed mi_fifo from examples

# This is the commit message kamailio#21:

modules: readme files regenerated - seas ... [skip ci]

# This is the commit message kamailio#22:

textops: docs - proper example for append_body_part() with headers

# This is the commit message kamailio#23:

modules: readme files regenerated - textops ... [skip ci]
@antonio-couto antonio-couto mentioned this issue May 5, 2023
Closed
This was referenced Nov 16, 2023
Closed
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@miconda @adubovikov @ultraboby