Module: kamailio Branch: 5.0 Commit: 89e7f88fc6d2dd0558caabb7af569cd7df69ab37 URL: https://github.com/kamailio/kamailio/commit/89e7f88fc6d2dd0558caabb7af569cd7df69ab37
Author: Daniel-Constantin Mierla <[email protected]> Committer: Daniel-Constantin Mierla <[email protected]> Date: 2026-03-03T10:49:05+01:00 core: tcp read - checks for MSRP first line (backported from commit 045bf283c095d72e69986403c5835afeca9af4f1) (cherry picked from commit 51258ae0e40cd39c2262164bdf6953c755b46a93) (cherry picked from commit 01f18d2e9cc1d53ae928b46d2523c83ed4860929) (cherry picked from commit 2cd6b87cb4142b3e11884c0cec04c4cc79a47aa1) (cherry picked from commit 420f96d8dad00a07cdab29bdad0a6a9a340dc5b2) (cherry picked from commit 331454415b80f9ea9ac69dbc42f2c35beeb709a7) --- Modified: src/core/tcp_read.c --- Diff: https://github.com/kamailio/kamailio/commit/89e7f88fc6d2dd0558caabb7af569cd7df69ab37.diff Patch: https://github.com/kamailio/kamailio/commit/89e7f88fc6d2dd0558caabb7af569cd7df69ab37.patch --- diff --git a/src/core/tcp_read.c b/src/core/tcp_read.c index 7318162cc9d..d99a6dfc47e 100644 --- a/src/core/tcp_read.c +++ b/src/core/tcp_read.c @@ -1026,11 +1026,31 @@ int tcp_read_headers(struct tcp_connection *c, int* read_flags) /* locate transaction id in first line * -- first line exists, that's why we are here */ mfline = q_memchr(r->start, '\n', r->pos-r->start); + if(mfline == NULL || mfline - r->start < 8) { + r->error = TCP_READ_ERROR; + r->state = H_SKIP; /* skip now */ + goto skip; + } mtransid.s = q_memchr(r->start + 5 /* 'MSRP ' */, ' ', - mfline - r->start); + mfline - r->start - 5); + if(mtransid.s == NULL) { + r->error = TCP_READ_ERROR; + r->state = H_SKIP; /* skip now */ + goto skip; + } mtransid.len = mtransid.s - r->start - 5; + if(mtransid.len <= 0) { + r->error = TCP_READ_ERROR; + r->state = H_SKIP; /* skip now */ + goto skip; + } mtransid.s = r->start + 5; trim(&mtransid); + if(mtransid.len <= 0) { + r->error = TCP_READ_ERROR; + r->state = H_SKIP; /* skip now */ + goto skip; + } if(memcmp(mtransid.s, p - 1 /*\r*/ - 1 /* '+'|'#'|'$' */ - mtransid.len, mtransid.len)!=0) { _______________________________________________ Kamailio - Development Mailing List -- [email protected] To unsubscribe send an email to [email protected] Important: keep the mailing list in the recipients, do not reply only to the sender!
