[OpenSIPS-Devel] [OpenSIPS/opensips] a5b6d2: compression: add logging for overflow condition

Tue, 19 May 2026 08:06:39 -0700 

  Branch: refs/heads/master
  Home:   https://github.com/OpenSIPS/opensips
  Commit: a5b6d2e2b2f3e9eb72830410d3aaf1819326fe2a
      
https://github.com/OpenSIPS/opensips/commit/a5b6d2e2b2f3e9eb72830410d3aaf1819326fe2a
  Author: John Burke <[email protected]>
  Date:   2021-09-21 (Tue, 21 Sep 2021)

  Changed paths:
    M modules/compression/compression.c

  Log Message:
  -----------
  compression: add logging for overflow condition


  Commit: ba89136fd53c3008cf014501bf1e741939932b4b
      
https://github.com/OpenSIPS/opensips/commit/ba89136fd53c3008cf014501bf1e741939932b4b
  Author: John Burke <[email protected]>
  Date:   2021-09-21 (Tue, 21 Sep 2021)

  Changed paths:
    M modules/compression/compression.c

  Log Message:
  -----------
  compression: fix overflow when hdr_field contains sanitized body

When rebuilding headers for compaction, we cannot shortcut non-compacted 
headers at assembly time by using raw hdr_field.len for a few reasons: (1) 
calculated compact buffer len is based on hdr_field.body not hdr_field.len, (2) 
hdr_field.body is sanitized and may have adjusted len.


  Commit: d016658049fe5e2fa1061d16365507de0816fdce
      
https://github.com/OpenSIPS/opensips/commit/d016658049fe5e2fa1061d16365507de0816fdce
  Author: Liviu Chircu <[email protected]>
  Date:   2026-05-19 (Tue, 19 May 2026)

  Changed paths:
    M modules/compression/compression.c

  Log Message:
  -----------
  Merge branch 'compression_overflow' of github.com:john08burke/opensips into 
john08burke-compression_overflow

mc_compact() calculated the output size of preserved headers using the
normalized parser fields: header name, ": ", body and CRLF.

However, for preserved long-form headers, it wrote the original raw header
span instead.  If the input header contained extra whitespace after the
colon, such as "Supported:   100rel", the writer emitted more bytes than
the size calculation reserved, causing a buffer overflow and later memory
corruption.

Always rebuild preserved headers from the same normalized fields used by
the length calculation, instead of mixing normalized accounting with raw
header copying.


Compare: 
https://github.com/OpenSIPS/opensips/compare/fc8b1bbc771e...d016658049fe

To unsubscribe from these emails, change your notification settings at 
https://github.com/OpenSIPS/opensips/settings/notifications

_______________________________________________
Devel mailing list
[email protected]
http://lists.opensips.org/cgi-bin/mailman/listinfo/devel

Reply via email to