mirrors/linphone-iphone
1
0
Fork 1
mirror of https://gitlab.linphone.org/BC/public/linphone-iphone.git synced 2026-02-07 14:18:25 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Fix SDP overflow

Browse source
This commit is contained in:
Guillaume BIENKOWSKI 2014-10-29 15:38:51 +01:00
parent 29ce46aa1f
commit 0c5309a3c8
2 changed files with 19 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

0
coreapi/bellesip_sal/.dirstamp Normal file
View file

27
coreapi/bellesip_sal/sal_op_call.c
View file

@ -75,22 +75,33 @@ static void sdp_process(SalOp *h){
static int set_sdp(belle_sip_message_t *msg,belle_sdp_session_description_t* session_desc) {
belle_sip_header_content_type_t* content_type ;
belle_sip_header_content_length_t* content_length;
belle_sip_error_code error = BELLE_SIP_OK;
belle_sip_error_code error = BELLE_SIP_BUFFER_OVERFLOW;
size_t length = 0;
char buff[2048];
if (session_desc) {
size_t bufLen = 2048;
size_t hardlimit = 16*1024; /* 16k SDP limit seems reasonable */
char* buff = belle_sip_malloc(bufLen);
content_type = belle_sip_header_content_type_create("application","sdp");
error = belle_sip_object_marshal(BELLE_SIP_OBJECT(session_desc),buff,sizeof(buff),&length);
if (error != BELLE_SIP_OK) {
ms_error("Buffer too small or sdp too big");
/* try to marshal the description. This could go higher than 2k so we iterate */
while( error != BELLE_SIP_OK && bufLen <= hardlimit && buff != NULL){
// error = belle_sip_object_marshal(BELLE_SIP_OBJECT(session_desc),buff,bufLen,&length);
if( error != BELLE_SIP_OK ){
bufLen *= 2;
buff = belle_sip_realloc(buff,bufLen);
}
}
/* give up if hard limit reached */
if (error != BELLE_SIP_OK || buff == NULL) {
ms_error("Buffer too small (%d) or not enough memory, giving up SDP", (int)bufLen);
return -1;
}
content_length= belle_sip_header_content_length_create(length);
content_length = belle_sip_header_content_length_create(length);
belle_sip_message_add_header(msg,BELLE_SIP_HEADER(content_type));
belle_sip_message_add_header(msg,BELLE_SIP_HEADER(content_length));
belle_sip_message_set_body(msg,buff,length);
belle_sip_message_assign_body(msg,buff,length);
return 0;
} else {
return -1;
@ -319,7 +330,7 @@ static void call_process_transaction_terminated(void *user_ctx, const belle_sip_
belle_sip_request_t* req;
belle_sip_response_t* resp;
bool_t release_call=FALSE;
if (client_transaction) {
req=belle_sip_transaction_get_request(BELLE_SIP_TRANSACTION(client_transaction));
resp=belle_sip_transaction_get_response(BELLE_SIP_TRANSACTION(client_transaction));