Skip Menu |

This queue is for tickets about the Net-SIP CPAN distribution.

Report information
The Basics
Id: 31236
Status: resolved
Priority: 0/
Queue: Net-SIP
People
Owner: Nobody in particular
Requestors: florz [...] florz.de
Cc:
AdminCc:
Bug Information
Severity: (no value)
Broken in: (no value)
Fixed in: (no value)

History Show all quoted text
  Wed Dec 05 15:54:53 2007 florz [...] florz.de - Ticket created
Subject: Call-ID header parsing bug
Date: Wed, 5 Dec 2007 21:54:14 +0100
To: bug-Net-SIP [...] rt.cpan.org
From: Florian Zumbiehl <florz [...] florz.de>
I just read the code and didn't actually test it, but if I didn't miss something crucial, I'd say that Net::Sip 0.4 would mis-parse the following header: Call-ID: ,@,
  Wed Dec 05 16:07:22 2007 Steffen_Ullrich [...] genua.de - Correspondence added
Subject: Re: [rt.cpan.org #31236] Call-ID header parsing bug
Date: Wed, 5 Dec 2007 22:06:39 +0100
To: Florian Zumbiehl via RT <bug-Net-SIP [...] rt.cpan.org>
From: Steffen Ullrich <Steffen_Ullrich [...] genua.de>
Show quoted text
> > I just read the code and didn't actually test it, but if I didn't miss > something crucial, I'd say that Net::Sip 0.4 would mis-parse the > following header: > > Call-ID: ,@,
Looks like you are right. It should throw an error here, because this call-id is invalid ("," is not a word character) Steffen
  Wed Dec 05 16:07:25 2007 The RT System itself - Status changed from 'new' to 'open'
  Wed Dec 05 16:20:22 2007 florz [...] florz.de - Correspondence added
Subject: Re: [rt.cpan.org #31236] Call-ID header parsing bug
Date: Wed, 5 Dec 2007 22:19:14 +0100
To: Steffen Ullrich via RT <bug-Net-SIP [...] rt.cpan.org>
From: Florian Zumbiehl <florz [...] florz.de>
Hi, Show quoted text
> <URL: http://rt.cpan.org/Ticket/Display.html?id=31236 > >
> > > > I just read the code and didn't actually test it, but if I didn't miss > > something crucial, I'd say that Net::Sip 0.4 would mis-parse the > > following header: > > > > Call-ID: ,@,
> > Looks like you are right. > It should throw an error here, because this call-id is invalid ("," is not > a word character)
Erm, yeah, indeed looks like I mixed something up. I mean, it certainly would be nice if the parser would guarantee that pieces do conform to the RFC, at least optionally, but I didn't actually expect that ;-) But, how about this one: Retry-After: 1(,) Florian
  Wed Dec 05 16:27:34 2007 Steffen_Ullrich [...] genua.de - Correspondence added
Subject: Re: [rt.cpan.org #31236] Call-ID header parsing bug
Date: Wed, 5 Dec 2007 22:27:10 +0100
To: Florian Zumbiehl via RT <bug-Net-SIP [...] rt.cpan.org>
From: Steffen Ullrich <Steffen_Ullrich [...] genua.de>
Ok, I think I need to classify the various fields more: - parts which allow MIME-comments - parts which can be splitted be comma - parts with fixed syntax - ... ? No wonder that the SIP spec is that big, they didn't put much effort in it to keep it simple :) Steffen On Wed, Dec 05, 2007 at 04:20:23PM -0500, Florian Zumbiehl via RT <bug-Net-SIP@rt.cpan.org> wrote: Show quoted text
> > Queue: Net-SIP > Ticket <URL: http://rt.cpan.org/Ticket/Display.html?id=31236 > > > Hi, >
> > <URL: http://rt.cpan.org/Ticket/Display.html?id=31236 > > >
> > > > > > I just read the code and didn't actually test it, but if I didn't miss > > > something crucial, I'd say that Net::Sip 0.4 would mis-parse the > > > following header: > > > > > > Call-ID: ,@,
> > > > Looks like you are right. > > It should throw an error here, because this call-id is invalid ("," is not > > a word character)
> > Erm, yeah, indeed looks like I mixed something up. I mean, it certainly > would be nice if the parser would guarantee that pieces do conform to > the RFC, at least optionally, but I didn't actually expect that ;-) > > But, how about this one: > > Retry-After: 1(,) > > Florian >
  Fri Jan 04 15:59:02 2008 Steffen_Ullrich [...] genua.de - Correspondence added
Should be much better with version 0.41. It know knows about more header which cannot be split on comma, knows that some fields should have special formats (like number in expires etc). The old behavior, that the header will be split on comma is only doone for headers not specified different in rfc3261. There is more strict checking to do so that invalid data will not be accepted, but the current implementation should at least not misinterprete valid data
  Fri Jan 04 15:59:07 2008 Steffen_Ullrich [...] genua.de - Status changed from 'open' to 'resolved'