outbound: tightened up error handling in decode_flow_token()

Peter Dunkley Mon, 31 Dec 2012 09:15:13 -0800

Module: sip-router
Branch: pd/outbound
Commit: 5ceef3cb48fc4b1e9c75abf91ba45f59f5125751
URL:    
http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commit;h=5ceef3cb48fc4b1e9c75abf91ba45f59f5125751


Author: Peter Dunkley <[email protected]>
Committer: Peter Dunkley <[email protected]>
Date:   Mon Dec 31 12:54:37 2012 +0000

modules_k/outbound: tightened up error handling in decode_flow_token()

---

 modules_k/outbound/ob_mod.c |   27 ++++++++++++++++++++++-----
 1 files changed, 22 insertions(+), 5 deletions(-)

diff --git a/modules_k/outbound/ob_mod.c b/modules_k/outbound/ob_mod.c
index 5b7b226..c9e55eb 100644
--- a/modules_k/outbound/ob_mod.c
+++ b/modules_k/outbound/ob_mod.c
@@ -95,8 +95,8 @@ static int mod_init(void)
 /* Structure of flow token
 
    <HMAC-SHA1-80><protocol><dst_ip><dst_port><src_ip><src_port>
-          10     +    1    +  16   +    2    +  16   +    2
-          = 47 bytes maximum
+          10     +    1    + 4or16 +    2    +  16   +    2
+          = 35 bytes minimum and 47 bytes maximum
 
    <protocol> specifies whether the addresses are IPv4 or IPv6 and the
    transport.
@@ -105,9 +105,11 @@ static int mod_init(void)
 
    IP addresses will be 4 (for IPv6) or 16 (for IPv6) bytes.
 
+   Minimum base64 encoded size: ceiling((35+2)/3)*4 = 52 bytes
    Maximum base64 encoded size: ceiling((47+2)/3)*4 = 68 bytes
 */
 
+#define UNENC_FLOW_TOKEN_MIN_LENGTH    35
 #define UNENC_FLOW_TOKEN_MAX_LENGTH    47
 #define SHA1_LENGTH                    20
 #define SHA1_80_LENGTH                 10
@@ -169,10 +171,25 @@ int decode_flow_token(struct receive_info *rcv, str 
flow_token)
 {
        int pos = FLOW_TOKEN_START_POS, flow_length, i;
 
-       if (flow_token.len > base64_enc_len(UNENC_FLOW_TOKEN_MAX_LENGTH))
+       if (rcv == NULL)
        {
-               LM_INFO("bad flow token length.  Length is %d, expected <= 
%d\n",
-                       flow_token.len, UNENC_FLOW_TOKEN_MAX_LENGTH);
+               LM_ERR("bad receive_info structure provided\n");
+               return -1;
+       }
+
+       if (flow_token.s == NULL)
+       {
+               LM_INFO("no flow token provided\n");
+               return -1;
+       }
+
+       if (flow_token.len != base64_enc_len(UNENC_FLOW_TOKEN_MIN_LENGTH)
+           && flow_token.len != base64_enc_len(UNENC_FLOW_TOKEN_MAX_LENGTH))
+       {
+               LM_INFO("bad flow token length.  Length is %d, expected %d"
+                       " or %d.\n", flow_token.len,
+                       UNENC_FLOW_TOKEN_MIN_LENGTH,
+                       UNENC_FLOW_TOKEN_MAX_LENGTH);
                return -1;
        }
 


_______________________________________________
sr-dev mailing list
[email protected]
http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-dev

[sr-dev] git:pd/outbound: modules_k/outbound: tightened up error handling in decode_flow_token()

Reply via email to