Thanks very much, Bogdan. While testing this, I also found something else which may or may not still be an issue (I’m still using 1.11.11).
I am using the parameter escape functionality on data that is being inserted into a local cache using cachedb_local module. In writing some tests for this functionality, I was attempting to use the MI interface to insert an escaped value into the cache and received errors. $ opensipsctl fifo cache_store local IMC "713%20MYH" /usr/local/lib64/opensips/opensipsctl/opensipsctl.unixsock: line 67: printf: `M': invalid format character It seems that the printf function is being used somehow to insert the value into the cache and it is interpreting the % as a format placeholder. Using printf escaping on the string makes it work: $ opensipsctl fifo cache_store local IMC "713%%20MYH" Not sure if this is a bug or if it should be documented or anything. Just thought I would mention it. Thanks, Ben Newlin From: Bogdan-Andrei Iancu <[email protected]> Date: Tuesday, October 17, 2017 at 4:52 AM To: OpenSIPS users mailling list <[email protected]>, Ben Newlin <[email protected]> Subject: Re: [OpenSIPS-Users] s.escape.param transformation Hi Ben, Thank you for the report. I double checked with the RFC3261 and you are right. I made the fix on head, 2.3 and 2.2 versions, see: https://github.com/OpenSIPS/opensips/commit/b5094f0dc6a4f52555f9cca1ea9df7c846749482<https://github.com/OpenSIPS/opensips/commit/b5094f0dc6a4f52555f9cca1ea9df7c846749482> Best regards, Bogdan-Andrei Iancu OpenSIPS Founder and Developer http://www.opensips-solutions.com<http://www.opensips-solutions.com> On 10/16/2017 09:12 PM, Ben Newlin wrote: Hi, I think I’ve found an error in the escape transformations for parameters. The {s.escape.param} transformation is escaping many characters it shouldn’t. For example, the following code: $var(test) = "MYH 713"; xlog("L_ALERT", "test: $(var(test){s.escape.param})\n"); produces this output: test: %4d%59%48%20%37%31%33 Only the space character should have been converted, not all characters. In looking through the source code, I think the problem is that the alphanum group of allowed characters is completely missed during the transformation in the escape_param function in strcommon.c. For comparison, the escape_user function has the following code allowing alphanum characters to copied without conversion: if (isdigit((int)*p) || ((*p >= 'A') && (*p <= 'Z')) || ((*p >= 'a') && (*p <= 'z'))) { *at = *p; } else { switch(*p) { … I think similar logic is supposed to be in escape_param but is absent, resulting in all alphanum characters being converted to hex. Thanks, Ben Newlin _______________________________________________ Users mailing list [email protected]<mailto:[email protected]> http://lists.opensips.org/cgi-bin/mailman/listinfo/users<http://lists.opensips.org/cgi-bin/mailman/listinfo/users>
_______________________________________________ Users mailing list [email protected] http://lists.opensips.org/cgi-bin/mailman/listinfo/users
