Module: kamailio
Branch: master
Commit: 3fc061dfa3a0db26591164af88abb6ce31afc61a
URL: 
https://github.com/kamailio/kamailio/commit/3fc061dfa3a0db26591164af88abb6ce31afc61a

Author: Xenofon Karamanos <[email protected]>
Committer: Xenofon Karamanos <[email protected]>
Date: 2026-05-04T16:27:52Z

evapi: Limit digits allowed

---

Modified: src/modules/evapi/evapi_dispatch.c

---

Diff:  
https://github.com/kamailio/kamailio/commit/3fc061dfa3a0db26591164af88abb6ce31afc61a.diff
Patch: 
https://github.com/kamailio/kamailio/commit/3fc061dfa3a0db26591164af88abb6ce31afc61a.patch

---

diff --git a/src/modules/evapi/evapi_dispatch.c 
b/src/modules/evapi/evapi_dispatch.c
index 91c455e9651..efae236bdbf 100644
--- a/src/modules/evapi/evapi_dispatch.c
+++ b/src/modules/evapi/evapi_dispatch.c
@@ -635,6 +635,14 @@ void evapi_recv_client(struct ev_loop *loop, struct ev_io 
*watcher, int revents)
                        while(k < _evapi_clients[i].rpos + rlen) {
                                if(_evapi_clients[i].rbuffer[k] >= '0'
                                                && _evapi_clients[i].rbuffer[k] 
<= '9') {
+                                       if(frame.len > INT_MAX / 10
+                                                       || 
(_evapi_clients[i].rbuffer[k] - '0')
+                                                                          > 
(INT_MAX - frame.len * 10)) {
+                                               /* overflow - invalid frame */
+                                               LM_ERR("frame length overflow. 
10+ digits \n");
+                                               _evapi_clients[i].rpos = 0;
+                                               return;
+                                       }
                                        frame.len =
                                                        frame.len * 10 + 
_evapi_clients[i].rbuffer[k] - '0';
                                } else {

_______________________________________________
Kamailio - Development Mailing List -- [email protected]
To unsubscribe send an email to [email protected]
Important: keep the mailing list in the recipients, do not reply only to the 
sender!

Reply via email to