|Subject:||Re: [osip-dev] handling of message parse error|
|Date:||Thu, 7 May 2015 13:37:14 +0200|
Le 7 mai 2015 11:47, "FEICHTER Christoph" <address@hidden> a écrit :
> I just found out, that if parsing of an incoming SIP request fails, nothing happens; the request is ignored.
> this happens, because the return value of _eXosip_handle_incoming_message is not checked !
> (eXtl_udp.c line 362, function udp_tl_read_message)
> for what reason is the return value ignored ?
> shouldn’t we return e.g. 400 Bad Request ?
> (or is this behaviour meant as a protection against DoS attacks ?)
Trying to answer bad request is not as easy as just replying 400, because a syntax error may happen in a required field and such error may introduce a crash.
There is certainly possibility to answer some of the bad request but I think a specific (may be stateless) method creating the 400 has to be implemented for this.
Of course, this may also impact the transport layer so a bit of testing should be done.
This additional method could be enabled/disabled by an option to let the upper layer decide how they prefer to handle such ddos/error!
I'm currently moving my office... With no internet... With lots of task to achieve right after getting new access! I could be less reactive in the next 2 weeks!!! ;)
> osip-dev mailing list
|[Prev in Thread]||Current Thread||[Next in Thread]|