Bugs item #1893031, was opened at 2008-02-13 11:38
Message generated for change (Tracker Item Submitted) made by Item Submitter
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=637564&aid=1893031&group_id=104305

Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update.

Category: None
Group: None
Status: Open
Resolution: None
Priority: 5
Private: Yes
Submitted By: David Helder (dheldermu)
Assigned to: Nobody/Anonymous (nobody)
Summary: Buffer overflow in call.cpp

Initial Comment:
call::get_first_line blindly copies the first line of the message into a buffer of 20490 bytes. However, the first line could be up to 65536 bytes (MAX(SIPP_MAX_MSG_SIZE, tcp_readsize)). Buffers of fewer than 66536 are used in other methods (e.g., call::get_header) and may also have this bug.

One solution might be to define MAX_HEADER_LEN to SIPP_MAX_MSG_SIZE.

----------------------------------------------------------------------

_______________________________________________
Sipp-users mailing list
https://lists.sourceforge.net/lists/listinfo/sipp-users
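
A length-checked first-line copy of the kind the report calls for, as an added example that is not SIPp's code and not part of the original message. The function, enum and constant names are hypothetical; the sizes 20490 and 65536 are the ones quoted in the report, and the input is constructed.

```cpp
#include <stddef.h>
#include <string.h>

// Sizes quoted in the report; the constant names are hypothetical.
static const size_t FIRST_LINE_BUF = 20490;  // destination buffer size
static const size_t MAX_MSG_SIZE   = 65536;  // largest message that can arrive

enum FirstLineStatus { LINE_OK, LINE_TRUNCATED, LINE_BAD_ARG };

// Copy the first line of msg (ending at CR, LF, NUL or msg_len) into dst.
// Never writes more than dst_size bytes, terminator included, and tells the
// caller when the line did not fit so the message can be rejected.
FirstLineStatus copy_first_line(const char *msg, size_t msg_len,
                                char *dst, size_t dst_size, size_t *out_len)
{
    if (!msg || !dst || dst_size == 0) return LINE_BAD_ARG;

    // Measure the line first, bounded by the number of bytes received.
    size_t line_len = 0;
    while (line_len < msg_len && msg[line_len] != '\r' &&
           msg[line_len] != '\n' && msg[line_len] != '\0')
        line_len++;

    FirstLineStatus st = LINE_OK;
    size_t n = line_len;
    if (n > dst_size - 1) {        // would overflow dst: clamp and report it
        n = dst_size - 1;
        st = LINE_TRUNCATED;
    }
    memcpy(dst, msg, n);
    dst[n] = '\0';
    if (out_len) *out_len = n;
    return st;
}

// Constructed input: a first line of line_len 'A' bytes followed by CRLF.
FirstLineStatus demo(size_t line_len, size_t *copied)
{
    static char msg[MAX_MSG_SIZE];
    static char dst[FIRST_LINE_BUF];
    if (line_len + 2 > sizeof msg) return LINE_BAD_ARG;
    memset(msg, 'A', line_len);
    msg[line_len] = '\r';
    msg[line_len + 1] = '\n';
    return copy_first_line(msg, line_len + 2, dst, sizeof dst, copied);
}
```

Passing the destination size at every call site also covers the other fixed-size buffers the report mentions, whatever size each one is given.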
