/pidgin/main: 179a49ea2a4b: Ignore incoming sip messages with bo...
Mark Doliner
mark at kingant.net
Tue Jan 28 10:38:11 EST 2014
Changeset: 179a49ea2a4b822fc30bd0ecdb8cbb9949443542
Author: Mark Doliner <mark at kingant.net>
Date: 2014-01-11 22:57 -0800
Branch: release-2.x.y
URL: https://hg.pidgin.im/pidgin/main/rev/179a49ea2a4b
Description:
Ignore incoming sip messages with bodies longer than 30 MB.
diffstat:
libpurple/protocols/simple/sipmsg.c | 7 +++++++
1 files changed, 7 insertions(+), 0 deletions(-)
diffs (24 lines):
diff --git a/libpurple/protocols/simple/sipmsg.c b/libpurple/protocols/simple/sipmsg.c
--- a/libpurple/protocols/simple/sipmsg.c
+++ b/libpurple/protocols/simple/sipmsg.c
@@ -35,6 +35,8 @@
#include "simple.h"
#include "sipmsg.h"
+#define MAX_CONTENT_LENGTH 30000000
+
struct sipmsg *sipmsg_parse_msg(const gchar *msg) {
const char *tmp = strstr(msg, "\r\n\r\n");
char *line;
@@ -118,6 +120,11 @@ struct sipmsg *sipmsg_parse_header(const
purple_debug_warning("simple", "Invalid body length: %d",
msg->bodylen);
msg->bodylen = 0;
+ } else if (msg->bodylen > MAX_CONTENT_LENGTH) {
+ purple_debug_warning("simple", "Got Content-Length of %d bytes on "
+ "incoming message (max is %u bytes). Ignoring message body.\n",
+ msg->bodylen, MAX_CONTENT_LENGTH);
+ msg->bodylen = 0;
}
if(msg->response) {
More information about the Commits
mailing list