protection against malformed string

git-svn-id: http://svn.freeswitch.org/svn/freeswitch/trunk@6215 d0543943-73ff-0310-b7d9-9358b9ac24b2
2007-11-10 00:47:09 +00:00 · 2007-11-10 00:47:09 +00:00 · 7e101fa05c
parent 47fe07eb34
commit 7e101fa05c
3 changed files with 32 additions and 10 deletions
--- a/src/mod/endpoints/mod_sofia/mod_sofia.h
+++ b/src/mod/endpoints/mod_sofia/mod_sofia.h
@ -506,3 +506,32 @@ sofia_gateway_t *sofia_reg_find_gateway__(const char *file, const char *func, in

 void sofia_reg_release_gateway__(const char *file, const char *func, int line, sofia_gateway_t *gateway);
 #define sofia_reg_release_gateway(x) sofia_reg_release_gateway__(__FILE__, __SWITCH_FUNC__, __LINE__, x);
+
+#define check_decode(_var, _session) do {								\
+		assert(_session);												\
+		if (!switch_strlen_zero(_var)) {								\
+			int d = 0;													\
+			char *p;													\
+			if (strchr(_var, '%')) {									\
+				char *tmp = switch_core_session_strdup(_session, _var);	\
+				switch_url_decode(tmp);									\
+				_var = tmp;												\
+				d++;													\
+			}															\
+			if ((p = strchr(_var, '"'))) {								\
+				if (!d) {												\
+					char *tmp = switch_core_session_strdup(_session, _var); \
+					_var = tmp;											\
+				}														\
+				if ((p = strchr(_var, '"'))) {							\
+					_var = p+1;											\
+				}														\
+				if ((p = strrchr(_var, '"'))) {							\
+					*p = '\0';											\
+				}														\
+			}															\
+		}																\
+																		\
+		if(_session) break;												\
+	} while(!_session)
+	   
--- a/src/mod/endpoints/mod_sofia/sofia.c
+++ b/src/mod/endpoints/mod_sofia/sofia.c
@ -1787,16 +1787,6 @@ void sofia_handle_sip_i_info(nua_t *nua, sofia_profile_t *profile, nua_handle_t
 	return;
 }

-#define check_decode(_var, _session) do {								\
-		assert(_session);												\
-		if (!switch_strlen_zero(_var) && strchr(_var, '%')) {			\
-			char *tmp = switch_core_session_strdup(_session, _var);		\
-			switch_url_decode(tmp);										\
-			_var = tmp;													\
-		}																\
-		if(_session) break;												\
-	} while(!_session)
-	   

 #define url_set_chanvars(session, url, varprefix) _url_set_chanvars(session, url, #varprefix "_user", #varprefix "_host", #varprefix "_port", #varprefix "_uri")
 const char *_url_set_chanvars(switch_core_session_t *session, url_t *url, const char *user_var,
@ -2144,6 +2134,7 @@ void sofia_handle_sip_i_invite(nua_t *nua, sofia_profile_t *profile, nua_handle_
 		dialplan = profile->dialplan;
 	}

+	check_decode(displayname, session);
 	tech_pvt->caller_profile = switch_caller_profile_new(switch_core_session_get_pool(session),
 														 from_user,
 														 dialplan,
--- a/src/mod/endpoints/mod_sofia/sofia_glue.c
+++ b/src/mod/endpoints/mod_sofia/sofia_glue.c
@ -498,6 +498,8 @@ switch_status_t sofia_glue_do_invite(switch_core_session_t *session)
 	cid_name = caller_profile->caller_id_name;
 	cid_num = caller_profile->caller_id_number;
 	sofia_glue_tech_prepare_codecs(tech_pvt);
+	check_decode(cid_name, session);
+	check_decode(cid_num, session);

 	if (!tech_pvt->from_str) {
 		tech_pvt->from_str = switch_core_session_sprintf(tech_pvt->session, "\"%s\" <sip:%s%s%s>",