[sr-dev] git:5.4:01f18d2e: core: tcp read - checks for MSRP first line

Fri, 20 Feb 2026 02:15:31 -0800 

Module: kamailio
Branch: 5.4
Commit: 01f18d2e9cc1d53ae928b46d2523c83ed4860929
URL: 
https://github.com/kamailio/kamailio/commit/01f18d2e9cc1d53ae928b46d2523c83ed4860929

Author: Daniel-Constantin Mierla <[email protected]>
Committer: Daniel-Constantin Mierla <[email protected]>
Date: 2026-02-20T11:14:05+01:00

core: tcp read - checks for MSRP first line

(backported from commit 045bf283c095d72e69986403c5835afeca9af4f1)

(cherry picked from commit 51258ae0e40cd39c2262164bdf6953c755b46a93)

---

Modified: src/core/tcp_read.c

---

Diff:  
https://github.com/kamailio/kamailio/commit/01f18d2e9cc1d53ae928b46d2523c83ed4860929.diff
Patch: 
https://github.com/kamailio/kamailio/commit/01f18d2e9cc1d53ae928b46d2523c83ed4860929.patch

---

diff --git a/src/core/tcp_read.c b/src/core/tcp_read.c
index c2d3fa9f459..c3ec734869f 100644
--- a/src/core/tcp_read.c
+++ b/src/core/tcp_read.c
@@ -1038,11 +1038,31 @@ int tcp_read_headers(struct tcp_connection *c, int* 
read_flags)
                                        /* locate transaction id in first line
                                         * -- first line exists, that's why we 
are here */
                                        mfline =  q_memchr(r->start, '\n', 
r->pos-r->start);
+                                       if(mfline == NULL || mfline - r->start 
< 8) {
+                                               r->error = TCP_READ_ERROR;
+                                               r->state = H_SKIP; /* skip now 
*/
+                                               goto skip;
+                                       }
                                        mtransid.s = q_memchr(r->start + 5 /* 
'MSRP ' */, ' ',
-                                                       mfline - r->start);
+                                                       mfline - r->start - 5);
+                                       if(mtransid.s == NULL) {
+                                               r->error = TCP_READ_ERROR;
+                                               r->state = H_SKIP; /* skip now 
*/
+                                               goto skip;
+                                       }
                                        mtransid.len = mtransid.s - r->start - 
5;
+                                       if(mtransid.len <= 0) {
+                                               r->error = TCP_READ_ERROR;
+                                               r->state = H_SKIP; /* skip now 
*/
+                                               goto skip;
+                                       }
                                        mtransid.s = r->start + 5;
                                        trim(&mtransid);
+                                       if(mtransid.len <= 0) {
+                                               r->error = TCP_READ_ERROR;
+                                               r->state = H_SKIP; /* skip now 
*/
+                                               goto skip;
+                                       }
                                        if(memcmp(mtransid.s,
                                                        p - 1 /*\r*/ - 1 /* 
'+'|'#'|'$' */ - mtransid.len,
                                                        mtransid.len)!=0) {

_______________________________________________
Kamailio - Development Mailing List -- [email protected]
To unsubscribe send an email to [email protected]
Important: keep the mailing list in the recipients, do not reply only to the 
sender!

Reply via email to