pjsip: restrict function PJSIP_PARSE_URI to parse only SIP/SIPS URIs
authorAlexei Gradinari <alex2grad@gmail.com>
Mon, 25 Mar 2019 23:05:28 +0000 (19:05 -0400)
committerAlexei Gradinari <alex2grad@gmail.com>
Wed, 27 Mar 2019 16:07:47 +0000 (10:07 -0600)
The next usage of PJSIP_PARSE_URI will crash asterisk
${PJSIP_PARSE_URI(tel:+1234567890,host)}
or
${PJSIP_PARSE_URI(192.168.1.1:5060,host)}

The function pjsip_parse_uri successfully parses then, but returns
struct pjsip_other_uri *.

This patch restricts parsing only SIP/SIPS URIs.

Change-Id: I16f255c2b86a80a67e9f9604b94b129a381dd25e

channels/pjsip/dialplan_functions.c

index 70507bb..2081bad 100644 (file)
@@ -1124,7 +1124,7 @@ static int parse_uri_cb(void *data)
 
        pj_strdup2_with_null(pool, &tmp, args->uri);
        uri = (pjsip_name_addr *)pjsip_parse_uri(pool, tmp.ptr, tmp.slen, PJSIP_PARSE_URI_AS_NAMEADDR);
-       if (!uri) {
+       if (!uri || (!PJSIP_URI_SCHEME_IS_SIP(uri) && !PJSIP_URI_SCHEME_IS_SIPS(uri))) {
                ast_log(LOG_WARNING, "Failed to parse URI '%s'\n", args->uri);
                pjsip_endpt_release_pool(ast_sip_get_pjsip_endpoint(), pool);
                args->ret = -1;