Module: kamailio
Branch: master
Commit: e29c90ca1a7e604a3a86d508e4ac0c7b57f382e8
URL: 
https://github.com/kamailio/kamailio/commit/e29c90ca1a7e604a3a86d508e4ac0c7b57f382e8

Author: Lucian Balaceanu <lucian.balace...@1and1.ro>
Committer: GitHub <nore...@github.com>
Date: 2018-10-30T01:38:29-07:00

Merge pull request #1693 from lbalaceanu/pdb_fixabrt

pdb: fix SIGABRT in case of too long uris

---

Modified: src/modules/pdb/common.h
Modified: src/modules/pdb/pdb.c

---

Diff:  
https://github.com/kamailio/kamailio/commit/e29c90ca1a7e604a3a86d508e4ac0c7b57f382e8.diff
Patch: 
https://github.com/kamailio/kamailio/commit/e29c90ca1a7e604a3a86d508e4ac0c7b57f382e8.patch

---

diff --git a/src/modules/pdb/common.h b/src/modules/pdb/common.h
index 1ba16cdf98..7c52c97ce0 100644
--- a/src/modules/pdb/common.h
+++ b/src/modules/pdb/common.h
@@ -35,7 +35,8 @@
 #define OTHER_CARRIERID 1000
 #define MAX_CARRIERID 1000
 #define NULL_CARRIERID -1001
-#define PAYLOADSIZE 256
+/* hdr size + PAYLOADSIZE must add to 255 (uint8_t pdb_hdr.length) */
+#define PAYLOADSIZE 249
 
 
 #define IS_VALID_PDB_CARRIERID(id) ((id>=MIN_PDB_CARRIERID) && 
(id<=MAX_PDB_CARRIERID))
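Review bot: The new comment above `PAYLOADSIZE` states the invariant but nothing enforces it, so a later change to the header struct or to this constant would silently bring back the overflow of the uint8_t `pdb_hdr.length`. The header definition is not visible in this hunk; assuming it is the 6 bytes that 255 - 249 implies, I would assert the relation next to the struct, e.g. `_Static_assert(sizeof(struct pdb_hdr) + PAYLOADSIZE <= 255, "pdb_hdr.length is uint8_t");` where the build allows C11, or an equivalent negative-array-size typedef otherwise. The `reqlen > PAYLOADSIZE` check in the pdb.c hunk of this commit relies on the same relation.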
diff --git a/src/modules/pdb/pdb.c b/src/modules/pdb/pdb.c
index 8f2f80c326..eb59656734 100644
--- a/src/modules/pdb/pdb.c
+++ b/src/modules/pdb/pdb.c
@@ -145,7 +145,7 @@ static struct server_list_t *server_list;
 /* debug function for the new client <-> server protocol */
 static void pdb_msg_dbg(struct pdb_msg msg, char *dbg_msg) {
     int i;
-    char buf[PAYLOADSIZE];
+    char buf[PAYLOADSIZE * 3 + 1];
     char *ptr = buf;
 
     for (i = 0; i < msg.hdr.length - sizeof(msg.hdr); i++) {
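Review bot: The loop bound `msg.hdr.length - sizeof(msg.hdr)` is computed in size_t, so a message whose length field is smaller than the header size makes the subtraction wrap to a very large value, and the enlarged `buf` gives no protection in that case. Since this function appears to be used on messages received from the pdb server, I would add `if (msg.hdr.length < sizeof(msg.hdr)) return;` before the loop, or clamp the count to `PAYLOADSIZE`. The loop body lies outside the hunk; the new size `PAYLOADSIZE * 3 + 1` presumably assumes three output characters per payload byte plus the terminator, which deserves a short comment such as `/* 3 chars per payload byte ("XX ") + NUL */`.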
@@ -265,7 +265,7 @@ static int pdb_query(struct sip_msg *_msg, struct 
multiparam_t *_number, struct
 
        /* prepare request */
        reqlen = number.len + 1; /* include null termination */
-       if (reqlen > sizeof(struct pdb_bdy)) {
+       if (reqlen > PAYLOADSIZE) {
                LM_ERR("number too long '%.*s'.\n", number.len, number.s);
                return -1;
        }
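Review bot: The rejection path logs the whole oversized number with `%.*s`, and that value comes from the SIP request, so each over-long URI writes an arbitrarily long, sender-controlled string to the error log. Logging the length instead keeps the message bounded, e.g. `LM_ERR("number too long (%d bytes, max %d)\n", number.len, PAYLOADSIZE - 1);`. The rest of pdb_query, including where `reqlen` is copied into the message, is outside this hunk.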
@@ -305,6 +305,7 @@ static int pdb_query(struct sip_msg *_msg, struct 
multiparam_t *_number, struct
             break;
     }
 
+       memset(&msg, 0, sizeof(struct pdb_msg));
        /* wait for response */
        for (;;) {
                if (gettimeofday(&tnow, NULL) != 0) {
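Review bot: The added `memset` clears `msg` once before the `for (;;)` loop, so if the loop receives more than one datagram into `msg`, a short response would still leave bytes from the previous one behind its payload. The receive code is outside this hunk, so this is inferred; if that is how it works, the clear belongs immediately before each receive, and the received byte count should be compared with `msg.hdr.length` before the message is dumped or parsed. As a small style point, `memset(&msg, 0, sizeof(msg));` ties the size to the object rather than to a type name.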

