Hi, I was meditating about the same issue, but related to select testing - see SER-353. In my oppinion (a!=b) should result the same as !(a==b).
It is easy to achieve that every != will return true when either left or right (or both) parts are not existing - e.g AVP not found, or run_select function returns 1. I can provide the patch, it is held in my mercurial queue. BUT, this must be then accepted in ALL the scripts!!! E.g. if (@to.tag! ="") now will be TRUE for every request (because to tag is not present, or if present it must have non-empty value (RFC MUST)). The other possibility is to change the script comparison to accept the premise, that missing AVP or select yields empty string; which has different possible drawback - two non-existent AVP will be trated as equal. Michal Miklos Tirpak píše v Čt 10. 04. 2008 v 13:21 +0200: > Hi all, > > I am wondering whether the != operator was designed to work the > following way with AVPs: > > ($myavp != "myvalue") is true only if $myavp exists, and its value is > not equal to "myvalue". If the AVP does not exist, the expression is false. > > That means, (!($myavp == "myvalue")) and ($myavp != "myvalue") may be > evaluated differently, the former is true if the AVP is missing. Is it a > bug or a feature? > > I also wonder whether the script writers know about this, for example > there was a security hole in ser-oob script because of it: I was able to > fake any sip uri (which was not provisioned) in the from HF of > non-register request, and the authentication was successful. > > Thanks, > Miklos > _______________________________________________ > Serdev mailing list > [email protected] > http://lists.iptel.org/mailman/listinfo/serdev _______________________________________________ Serdev mailing list [email protected] http://lists.iptel.org/mailman/listinfo/serdev
