Skip to content
Snippets Groups Projects
Commit 46a038aa authored by Adrien Béraud's avatar Adrien Béraud
Browse files

p2p: check address length before parsing 

Change-Id: Ic4576fe22b10fc2033cbcd7afe8bb201c57223e1
parent 104c6493
No related branches found
No related tags found
No related merge requests found
Show whitespace changes
Inline Side-by-side
Showing
with 59 additions and 54 deletions
src/jamidht/p2p.cpp
+ 59
54
View file @ 46a038aa
...@@ -425,7 +425,7 @@ private: ...@@ -425,7 +425,7 @@ private:
IpAddr relay_addr; IpAddr relay_addr;
for (const auto& address: response_.addresses) { for (const auto& address: response_.addresses) {
if (!(relay_addr = address)) { if (!(address.size() <= PJ_MAX_HOSTNAME && (relay_addr = address))) {
// Should be ICE SDP // Should be ICE SDP
// P2P File transfer. We received an ice SDP message: // P2P File transfer. We received an ice SDP message:
auto sdp = parent_.parse_SDP(address, *ice); auto sdp = parent_.parse_SDP(address, *ice);
...@@ -727,7 +727,9 @@ DhtPeerConnector::Impl::answerToRequest(PeerConnectionMsg&& request, ...@@ -727,7 +727,9 @@ DhtPeerConnector::Impl::answerToRequest(PeerConnectionMsg&& request,
std::shared_ptr<IceTransport> ice; std::shared_ptr<IceTransport> ice;
for (auto& ip: request.addresses) { for (auto& ip: request.addresses) {
try { try {
if (IpAddr(ip).isIpv4()) { if (ip.size() <= PJ_MAX_HOSTNAME) {
IpAddr addr(ip);
if (addr.isIpv4()) {
if (!sendTurn) continue; if (!sendTurn) continue;
std::lock_guard<std::mutex> lock(turnMutex_); std::lock_guard<std::mutex> lock(turnMutex_);
if (turnAuthv4_) { if (turnAuthv4_) {
...@@ -735,7 +737,8 @@ DhtPeerConnector::Impl::answerToRequest(PeerConnectionMsg&& request, ...@@ -735,7 +737,8 @@ DhtPeerConnector::Impl::answerToRequest(PeerConnectionMsg&& request,
turnAuthv4_->permitPeer(ip); turnAuthv4_->permitPeer(ip);
} }
JAMI_DBG() << account << "[CNX] authorized peer connection from " << ip; JAMI_DBG() << account << "[CNX] authorized peer connection from " << ip;
} else if (IpAddr(ip).isIpv6()) { continue;
} else if (addr.isIpv6()) {
if (!sendTurn) continue; if (!sendTurn) continue;
std::lock_guard<std::mutex> lock(turnMutex_); std::lock_guard<std::mutex> lock(turnMutex_);
if (turnAuthv6_) { if (turnAuthv6_) {
...@@ -743,7 +746,10 @@ DhtPeerConnector::Impl::answerToRequest(PeerConnectionMsg&& request, ...@@ -743,7 +746,10 @@ DhtPeerConnector::Impl::answerToRequest(PeerConnectionMsg&& request,
turnAuthv6_->permitPeer(ip); turnAuthv6_->permitPeer(ip);
} }
JAMI_DBG() << account << "[CNX] authorized peer connection from " << ip; JAMI_DBG() << account << "[CNX] authorized peer connection from " << ip;
} else { continue;
}
}
// P2P File transfer. We received an ice SDP message: // P2P File transfer. We received an ice SDP message:
JAMI_DBG() << account << "[CNX] receiving ICE session request"; JAMI_DBG() << account << "[CNX] receiving ICE session request";
auto &iceTransportFactory = Manager::instance().getIceTransportFactory(); auto &iceTransportFactory = Manager::instance().getIceTransportFactory();
...@@ -785,7 +791,6 @@ DhtPeerConnector::Impl::answerToRequest(PeerConnectionMsg&& request, ...@@ -785,7 +791,6 @@ DhtPeerConnector::Impl::answerToRequest(PeerConnectionMsg&& request,
} }
} else } else
sendIce = true; // Ice started with success, we can use it. sendIce = true; // Ice started with success, we can use it.
}
} catch (const std::exception& e) { } catch (const std::exception& e) {
JAMI_WARN() << account << "[CNX] ignored peer connection '" << ip << "', " << e.what(); JAMI_WARN() << account << "[CNX] ignored peer connection '" << ip << "', " << e.what();
} }
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment