Opened 7 years ago
Last modified 7 years ago
#2063 closed enhancement
Add more documentation in PJSIP's parser to prevent stack buffer overflow — at Initial Version
| Reported by: | ming | Owned by: | bennylp |
|---|---|---|---|
| Priority: | normal | Milestone: | release-2.8 |
| Component: | pjsip | Version: | trunk |
| Keywords: | | Cc: | |
| Backport to 1.x milestone: | | Backported: | no |
Description
This ticket will add more documentation in the description of the APIs in pjsip's sip_parser.c, in particular the requirement that the buffer must be NULL terminated and the size parameter must not include the NULL terminator.
Also in the ticket:
- Add assertion in pjlib-util's scanner to ensure that the buffer is NULL terminated.
  If, when using tools such as Valgrind or AddressSanitizer, you get a buffer read overflow warning in this assertion line, it means that you incorrectly passed the buffer length (it should be buffer length - 1).
- Add robustness check in sip_multipart to prevent buffer overflow
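The buffer contract described in this ticket, shown as an added example that is not PJSIP's own code: the helper names (`contract_ok`, `prepare_parse_buffer`, `scan_line`) are hypothetical, and the sentinel-style scan is an assumption about how a terminator-dependent scanner reads its input.

```c
#include <stdio.h>
#include <string.h>

/* Contract from the ticket: buf holds len message bytes plus one
 * terminator at buf[len]; len does not count the terminator. */
static int contract_ok(const char *buf, size_t len)
{
    return buf[len] == '\0'; /* deliberately reads the byte after len */
}

/* Copy a received packet into a parse buffer of capacity cap. Returns the
 * length to hand to the parser (terminator excluded), or -1 when the
 * packet leaves no room for the terminator. Hypothetical helper. */
static long prepare_parse_buffer(char *buf, size_t cap,
                                 const char *pkt, size_t pkt_len)
{
    if (cap == 0 || pkt_len > cap - 1)
        return -1;
    memcpy(buf, pkt, pkt_len);
    buf[pkt_len] = '\0';
    return (long)pkt_len;
}

/* Sentinel-style scan (assumed behaviour): find the end of the line that
 * starts at pos, relying on the terminator instead of a per-byte bound. */
static long scan_line(const char *buf, size_t len, size_t pos)
{
    if (pos > len || !contract_ok(buf, len))
        return -1;
    while (buf[pos] != '\r' && buf[pos] != '\n' && buf[pos] != '\0')
        pos++;
    return (long)pos;
}

int main(void)
{
    /* Constructed sample message, not taken from the ticket. */
    const char pkt[] = "OPTIONS sip:a@example.invalid SIP/2.0\r\n\r\n";
    char buf[64];
    long len = prepare_parse_buffer(buf, sizeof buf, pkt, sizeof pkt - 1);
    if (len < 0)
        return 1;
    /* Pass len here; passing len + 1 or sizeof buf breaks the contract. */
    printf("len=%ld, first line ends at %ld\n", len, scan_line(buf, (size_t)len, 0));
    return 0;
}
```
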