[sr-dev] [tracker] Task opened: decode_contact() fails on certain legitimate request URIs

[sip-router]

THIS IS AN AUTOMATED MESSAGE, DO NOT REPLY.

A new Flyspray task has been opened.  Details are below. 

User who did this - Richard Brady (rnbrady) 

Attached to Project - sip-router
Summary - decode_contact() fails on certain legitimate request URIs
Task Type - Bug Report
Category - Modules kamailio
Status - Unconfirmed
Assigned To - 
Operating System - Linux
Severity - Low
Priority - Normal
Reported Version - 3.3
Due in Version - Undecided
Due Date - Undecided
Details - Decode contact() fails decode_contact() fails on certain legitimate 
request URIs, such as:

    sip:natted_ua*alice;day=tuesday**192.168.242.102*5060*udp@1.2.3.4

This is due to the semicolon in the userinfo part of the URI. The problem code 
is in the decode2format function in siputils/contact_ops.c:

                        if (((*pos) == '>')||(*pos == ';'))
                                {
                                /* invalid chars inside username part */
                                return -5;
                                }

The ABNF in RFC3261 makes it clear that a semicolon is ok in the user-info 
field:

userinfo         =  ( user / telephone-subscriber ) [ ":" password ] "@"
user             =  1*( unreserved / escaped / user-unreserved )
user-unreserved  =  "&" / "=" / "+" / "$" / "," / ";" / "?" / "/"

The code might be to check for the end of a URI (both those characters 
terminate a URI under certain circumstances), perhaps for fault tolerance 
and/or security but I don't think it's been done in a way that makes sense, for 
the following reasons:

1. An angle bracket is not legal in or surrounding a request URI, so it should 
be picked up by the parser and/or sanity check. 
2. A semicolon is totally legal in the userinfo part, as per ABNF above and 
also as explained in RFC3261:
    ...
    sip:alice;day=tues...@atlanta.com

    The last sample URI above has a user field value of
    "alice;day=tuesday".  The escaping rules defined above allow a
    semicolon to appear unescaped in this field.  For the purposes of
    this protocol, the field is opaque.  The structure of that value is
    only useful to the SIP element responsible for the resource.

More information can be found at the following URL:
http://sip-router.org/tracker/index.php?do=details&task_id=263

You are receiving this message because you have requested it from the Flyspray 
bugtracking system.  If you did not expect this message or don't want to 
receive mails in future, you can change your notification settings at the URL 
shown above.

_______________________________________________
sr-dev mailing list
sr-dev@lists.sip-router.org
http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-dev