kenmirrors
/
freeswitch
mirror of https://github.com/signalwire/freeswitch.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Skinny: Sanity 

- truncate tables on module load
- check for message length

git-svn-id: http://svn.freeswitch.org/svn/freeswitch/trunk@16767 d0543943-73ff-0310-b7d9-9358b9ac24b2
This commit is contained in:
Mathieu Parent 2010-02-24 12:00:28 +00:00
parent f1391f0eb8
commit 3ed58f15db
1 changed files with 26 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
src/mod/endpoints/mod_skinny/mod_skinny.c
View File

@ -266,6 +266,10 @@ union skinny_data {
void *raw;
};
/*
* header is length+reserved
* body is type+data
*/
struct skinny_message {
int length;
int reserved;
@ -367,6 +371,12 @@ static switch_status_t channel_kill_channel(switch_core_session_t *session, int
/* SKINNY FUNCTIONS */
#define skinny_check_data_length(message, len) \
if (message->length < len+4) {\
switch_log_printf(SWITCH_CHANNEL_LOG, SWITCH_LOG_ERROR, "Received Too Short Skinny Message (Expected %d, got %d).\n", len+4, message->length);\
return SWITCH_STATUS_FALSE;\
}
static switch_status_t skinny_send_reply(listener_t *listener, skinny_message_t *reply);
static switch_call_cause_t skinny_session_create(switch_core_session_t *session);
@ -1133,6 +1143,8 @@ static switch_status_t skinny_handle_register(listener_t *listener, skinny_messa
assert(listener->profile);
profile = listener->profile;
skinny_check_data_length(request, sizeof(request->data.reg));
if(!zstr(listener->device_name)) {
switch_log_printf(SWITCH_CHANNEL_LOG, SWITCH_LOG_ERROR,
"A device is already registred on this listener.\n");
@ -1272,11 +1284,16 @@ static switch_status_t skinny_handle_capabilities_response(listener_t *listener,
profile = listener->profile;
skinny_check_data_length(request, sizeof(request->data.cap_res.count));
n = request->data.cap_res.count;
if (n > SWITCH_MAX_CODECS) {
n = SWITCH_MAX_CODECS;
}
string_len = -1;
skinny_check_data_length(request, sizeof(request->data.cap_res.count) + n * sizeof(request->data.cap_res.caps[0]));
for (i = 0; i < n; i++) {
char *codec = skinny_codec2string(request->data.cap_res.caps[i].codec);
codec_order[i] = codec;
@ -1320,6 +1337,8 @@ static switch_status_t skinny_handle_port_message(listener_t *listener, skinny_m
profile = listener->profile;
skinny_check_data_length(request, sizeof(request->data.as_uint16));
if ((sql = switch_mprintf(
"UPDATE skinny_devices SET port='%d' WHERE device_name='%s'",
request->data.as_uint16,
@ -1355,6 +1374,7 @@ static switch_status_t skinny_handle_line_stat_request(listener_t *listener, ski
profile = listener->profile;
skinny_check_data_length(request, sizeof(request->data.line_req));
message = switch_core_alloc(listener->pool, 12+sizeof(message->data.line_res));
message->type = LINE_STAT_RES_MESSAGE;
@ -1376,6 +1396,8 @@ static switch_status_t skinny_handle_line_stat_request(listener_t *listener, ski
static switch_status_t skinny_handle_register_available_lines_message(listener_t *listener, skinny_message_t *request)
{
skinny_check_data_length(request, sizeof(request->data.reg_lines));
/* Do nothing */
return SWITCH_STATUS_SUCCESS;
}
@ -1961,6 +1983,10 @@ static switch_status_t load_skinny_config(void)
switch_core_db_close(db);
}
skinny_execute_sql_callback(profile, profile->listener_mutex, "DELETE FROM skinny_devices", NULL, NULL);
skinny_execute_sql_callback(profile, profile->listener_mutex, "DELETE FROM skinny_lines", NULL, NULL);
skinny_execute_sql_callback(profile, profile->listener_mutex, "DELETE FROM skinny_speeddials", NULL, NULL);
switch_core_hash_insert(globals.profile_hash, profile->name, profile);
profile = NULL;
} else {