Put a maximum limit on the number of payloads accepted, and also make sure a given...

author Joshua Colp <jcolp@digium.com>

Tue, 18 Mar 2008 14:58:39 +0000 (14:58 +0000)

committer Joshua Colp <jcolp@digium.com>

Tue, 18 Mar 2008 14:58:39 +0000 (14:58 +0000)
author Joshua Colp <jcolp@digium.com>
Tue, 18 Mar 2008 14:58:39 +0000 (14:58 +0000)
committer Joshua Colp <jcolp@digium.com>
Tue, 18 Mar 2008 14:58:39 +0000 (14:58 +0000)
diff --git a/channels/chan_sip.c b/channels/chan_sip.c

index 406acc17a0970c96a805941989ce1f44e0ec8fed..a9f29721e9ea2819d1d1dbad81f7e3f59fc1028a 100644 (file)
--- a/channels/chan_sip.c
+++ b/channels/chan_sip.c
@@ -216,6 +216,8 @@ static int expiry = DEFAULT_EXPIRY;
  #define SIP_MAX_LINES                64               /*!< Max amount of lines in SIP attachment (like SDP) */
  #define SIP_MAX_PACKET               4096             /*!< Also from RFC 3261 (2543), should sub headers tho */
  
+#define SDP_MAX_RTPMAP_CODECS        32               /*!< Maximum number of codecs allowed in received SDP */
+
  #define INITIAL_CSEQ                 101              /*!< our initial sip sequence number */
  
  /*! \brief Global jitterbuffer configuration - by default, jb is disabled */
@@ -5032,7 +5034,7 @@ static int process_sdp(struct sip_pvt *p, struct sip_request *req)
         int numberofmediastreams = 0;
         int debug = sip_debug_test_pvt(p);
                 
-       int found_rtpmap_codecs[32];
+       int found_rtpmap_codecs[SDP_MAX_RTPMAP_CODECS];
         int last_rtpmap_codec=0;
  
         if (!p->rtp) {
@@ -5305,24 +5307,30 @@ static int process_sdp(struct sip_pvt *p, struct sip_request *req)
                         /* We should propably check if this is an audio or video codec
                                 so we know where to look */
  
-                       /* Note: should really look at the 'freq' and '#chans' params too */
-                       if(ast_rtp_set_rtpmap_type(newaudiortp, codec, "audio", mimeSubtype,
-                                       ast_test_flag(&p->flags[0], SIP_G726_NONSTANDARD) ? AST_RTP_OPT_G726_NONSTANDARD : 0) != -1) {
-                               if (debug)
-                                       ast_verbose("Found audio description format %s for ID %d\n", mimeSubtype, codec);
-                               found_rtpmap_codecs[last_rtpmap_codec] = codec;
-                               last_rtpmap_codec++;
-                               found = TRUE;
-
-                       } else if (p->vrtp) {
-                               if(ast_rtp_set_rtpmap_type(newvideortp, codec, "video", mimeSubtype, 0) != -1) {
+                       if (last_rtpmap_codec < SDP_MAX_RTPMAP_CODECS) {
+                               /* Note: should really look at the 'freq' and '#chans' params too */
+                               if(ast_rtp_set_rtpmap_type(newaudiortp, codec, "audio", mimeSubtype,
+                                                          ast_test_flag(&p->flags[0], SIP_G726_NONSTANDARD) ? AST_RTP_OPT_G726_NONSTANDARD : 0) != -1) {
                                         if (debug)
-                                               ast_verbose("Found video description format %s for ID %d\n", mimeSubtype, codec);
+                                               ast_verbose("Found audio description format %s for ID %d\n", mimeSubtype, codec);
                                         found_rtpmap_codecs[last_rtpmap_codec] = codec;
                                         last_rtpmap_codec++;
                                         found = TRUE;
+                                       
+                               } else if (p->vrtp) {
+                                       if(ast_rtp_set_rtpmap_type(newvideortp, codec, "video", mimeSubtype, 0) != -1) {
+                                               if (debug)
+                                                       ast_verbose("Found video description format %s for ID %d\n", mimeSubtype, codec);
+                                               found_rtpmap_codecs[last_rtpmap_codec] = codec;
+                                               last_rtpmap_codec++;
+                                               found = TRUE;
+                                       }
                                 }
+                       } else {
+                               if (debug)
+                                       ast_verbose("Discarded description format %s for ID %d\n", mimeSubtype, codec);
                         }
+
                         if (!found) {
                                 /* Remove this codec since it's an unknown media type for us */
                                 /* XXX This is buggy since the media line for audio and video can have the
diff --git a/main/rtp.c b/main/rtp.c

index 3d3766e9c0877a3ec57f0e50e4b581a3f95f1d17..fc6f9a467e8c99ddf3a295cd07786d2e17c1e64f 100644 (file)
--- a/main/rtp.c
+++ b/main/rtp.c
@@ -1652,6 +1652,9 @@ void ast_rtp_set_m_type(struct ast_rtp* rtp, int pt)
      an unknown media type */
  void ast_rtp_unset_m_type(struct ast_rtp* rtp, int pt) 
  {
+       if (pt < 0 || pt > MAX_RTP_PT)
+               return; /* bogus payload type */
+
         ast_mutex_lock(&rtp->bridge_lock);
         rtp->current_RTP_PT[pt].isAstFormat = 0;
         rtp->current_RTP_PT[pt].code = 0;
author	Joshua Colp <jcolp@digium.com>
	Tue, 18 Mar 2008 14:58:39 +0000 (14:58 +0000)
committer	Joshua Colp <jcolp@digium.com>
	Tue, 18 Mar 2008 14:58:39 +0000 (14:58 +0000)
channels/chan_sip.c		patch \| blob \| blame \| history
main/rtp.c		patch \| blob \| blame \| history