On 05/13/2011 08:37 PM, Douglas Hubler wrote: > On Fri, May 13, 2011 at 12:02 AM, Joegen Baclor<[email protected]> wrote: >> Recently, we have supplied a couple of patches for a customer >> installation that are meant to solve proxy random crashes. > I think we need to decide as a project, if we want to be in the sip > parser business. If we do, then it sounds like all the things you > recommend and then some would need to be built.
A crash/regression test is only required if we decide to enter into the SIP parser business? Seriously i do not get the wisdom behind this comment. > If not, I would try > to fix any specific issues you run into complete with unit tests for > those fixes We already did and patched was accepted by you personally. > until we can get an idea of the alternatives are. Let me pitch in some of possible alternatives. 1. Stay put and see if there are no more crash scenarios we have missed and simply correct them as we encounter them. This can be a nightmare scenario because in most cases, the bug is encountered not by QA but in actual client live install. 2. Review the transport layer thoroughly and see where we could put more safeguards agaist possible buffer overruns when tokenizing sip messages. 3. Modify the tokenizer functions to always have the string boundary known by its actual length so safeguards effectively becomes moot. Joegen _______________________________________________ sipx-dev mailing list [email protected] List Archive: http://list.sipfoundry.org/archive/sipx-dev/
