[SR-Users] Kamailio Crashing with excessive Via headers

Krishna Kurapati kkurapat at gmail.com
Tue Jun 25 15:37:32 CEST 2013 

In 4.x, Following message is crashing the Kamailio.

MESSAGE sip:50.62.12.174:15060;transport=udp SIP/2.0..Via: SIP/2.0/UDP
50.62.72.174:15060;branch=z9hG4bK3333.defaafa4.0..Via: SIP/2.0/UDP
50.62.72.174:15060;branch=z9hG4bK3333.cefaafa4.0..
  Via: SIP/2.0/UDP 50.62.12.174:15060;branch=z9hG4bK3333.befaafa4.0..
  Via: SIP/2.0/UDP 50.62.12.174:15060;branch=z9hG4bK3333.aefaafa4.0..
  Via: SIP/2.0/UDP 50.62.12.174:15060;branch=z9hG4bK33339efaafa4.0..
  Via: SIP/2.0/UDP 50.62.12.174:15060;branch=z9hG4bK3333.8efaafa4.0..
  Via: SIP/2.0/UDP 50.62.12.174:15060;branch=z9hG4bK3333.7efaafa4.0..
  Via: SIP/2.0/UDP 50.62.12.174;branch=z9hk4bK3333.4b488206.0..
  Via: SIP/2.0/UDP 50.62.12.174;rport=5060;branch=z9hG4bK3333.3b488206.0..
To: sip:578626051 at 50.62.12.174..
From: sip:notifier at abc.com;tag=5571efee096a394dda7d0dffc5bb
  32a5-c771..CSeq: 10 MESSAGE..Call-ID:
presence-T[578626051]-R[578626051]..Max-Forwards:  9..Co
  ntent-Length: 110..User-Agent: kamailio (4.0.1
(x86_64/linux))..Content-Type: text/html; chars
  et=utf-8.

stack trace:

#0  qm_detach_free (qm=0x2ac39d748010, size=64) at mem/q_malloc.c:269
#1  qm_malloc (qm=0x2ac39d748010, size=64) at mem/q_malloc.c:386
#2  0x0000000000560fa1 in parse_via (
    buffer=0x8c6a3b "SIP/2.0/UDP
50.62.72.174:15060;branch=z9hG4bK3333.defaafa4.0\r\nVia:
SIP/2.0/UDP 50.62.72.174:15060;branch=z9hG4bK3333.cefaafa4.0\r\nVia:
SIP/2.0/UDP 50.62.72.174:15060;branch=z9hG4bK3333.befaafa4.0\r\nVia:"...,
end=0x8c6e31 "", vbody=0x2ac39d769e90)
    at parser/parse_via.c:2540
#3  0x0000000000538e68 in get_hdr_field (buf=<value optimized out>,
end=0x8c6e31 "",
    hdr=0x2ac39d7999c0) at parser/msg_parser.c:140
#4  0x0000000000539ac9 in parse_headers (msg=0x2ac39d78a100, flags=2,
next=<value optimized out>)
    at parser/msg_parser.c:351
#5  0x000000000053af8d in parse_msg (buf=<value optimized out>, len=<value
optimized out>,
    msg=0x2ac39d78a100) at parser/msg_parser.c:650
#6  0x000000000049a2ef in receive_msg (
    buf=0x8c6a00 "MESSAGE sip:50.62.72.174:15060;transport=udp
SIP/2.0\r\nVia: SIP/2.0/UDP
50.62.72.174:15060;branch=z9hG4bK3333.defaafa4.0\r\nVia:
SIP/2.0/UDP 50.62.72.174:15060;branch=z9hG4bK3333.cefaafa4.0\r\nVia:
SIP/2.0"..., len=1073, rcv_info=0x7fffb40ab770) at receive.c:144
#7  0x0000000000528666 in udp_rcv_loop () at udp_server.c:557
#8  0x0000000000464daa in main_loop () at main.c:1638
#9  0x0000000000467adc in main (argc=<value optimized out>, argv=<value
optimized out>)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sip-router.org/pipermail/sr-users/attachments/20130625/6727a315/attachment.html>

More information about the sr-users mailing list