/src/opensips/parser/parse_hname2.c

Source (jump to first uncovered line)
/*
 * Fast 32-bit Header Field Name Parser
 *
 * Copyright (C) 2001-2003 FhG Fokus
 *
 * This file is part of opensips, a free SIP server.
 *
 * opensips is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version
 *
 * opensips is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301  USA
 *
 * History:
 * --------
 * 2003-02-28 scratchpad compatibility abandoned (jiri)
 * 2003-01-27 next baby-step to removing ZT - PRESERVE_ZT (jiri)
 * 2003-05-01 added support for Accept HF (janakj)
 * 2006-02-17 Session-Expires, Min-SE (dhsueh@somanetworks.com)
 */


#include "parse_hname2.h"
#include "keys.h"
#include "../ut.h"  /* q_memchr */

#define LOWER_BYTE(b) ((b) | 0x20U)
#define LOWER_DWORD(d) ((d) | 0x20202020U)

/*
 * Skip all white-chars and return position of the first
 * non-white char
 */
static inline char* skip_ws(char* p, char *end)
{
  for(; p < end; p++) {
    if ((*p != ' ') && (*p != '\t')) return p;
  }
  return p;
}

/*
 * Parser macros
 */
#include "case_via.h"      /* Via */
#include "case_from.h"     /* From */
#include "case_to.h"       /* To */
#include "case_cseq.h"     /* CSeq */
#include "case_call.h"     /* Call-ID */
#include "case_cont.h"     /* Contact, Content-Type, Content-Length,
                              Content-Purpose, Content-Action,
                              Content-Disposition */
#include "case_rout.h"     /* Route */
#include "case_max.h"      /* Max-Forwards */
#include "case_reco.h"     /* Record-Route */
#include "case_path.h"     /* Path */
#include "case_auth.h"     /* Authorization */
#include "case_expi.h"     /* Expires */
#include "case_prox.h"     /* Proxy-Authorization, Proxy-Require */
#include "case_allo.h"     /* Allow */
#include "case_unsu.h"     /* Unsupported */
#include "case_even.h"     /* Event */
#include "case_acce.h"     /* Accept, Accept-Language */
#include "case_orga.h"     /* Organization */
#include "case_prio.h"     /* Priority */
#include "case_subj.h"     /* Subject */
#include "case_user.h"     /* User-Agent */
#include "case_supp.h"     /* Supported */
#include "case_dive.h"     /* Diversion */
#include "case_remo.h"     /* Remote-Party-ID */
#include "case_refe.h"     /* Refer-To */
#include "case_sess.h"     /* Session-Expires */
#include "case_min_.h"     /* Min-SE */
#include "case_p_pr.h"     /* P-Preferred-Identity */
#include "case_p_as.h"     /* P-Asserted-Identity */
#include "case_priv.h"     /* Privacy */
#include "case_retr.h"     /* Retry-After */
#include "case_www.h"      /* WWW-Authenticate */
#include "case_feat.h"     /* Feature-Caps */
#include "case_repl.h"     /* Replaces */
#include "case_to_p.h"     /* To-Path */
#include "case_mess.h"     /* Message-ID */
#include "case_byte.h"     /* Byte-Range */
#include "case_fail.h"     /* Failure-Report */
#include "case_succ.h"     /* Success-Report */
#include "case_stat.h"     /* Status */
#include "case_use_.h"     /* Use-Path */
#include "case_secu.h"     /* Security-Client, Security-Server,
                              Security-Verify */


/*
 * Read 4-bytes from memory, as an unsigned integer
 * Reading byte by byte ensures that the code works also on HW which
 * does not allow reading 4-bytes at once from unaligned memory position
 * (Sparc for example)
 */
#define READ(addr) \
  ((unsigned)*((unsigned char *)addr + 0) + \
   ((unsigned)*((unsigned char *)addr + 1) << 8) + \
   ((unsigned)*((unsigned char *)addr + 2) << 16) + \
   ((unsigned)*((unsigned char *)addr + 3) << 24))

#ifdef FUZZ_BUILD
/* fuzzers are sensible to heap read overflows, so enable all "HAVE" checks */
#define HAVE(bytes) (end - p >= (long)(bytes))
#else
/* with PKG memory, parser read overflows of a few bytes are harmless, since
 * the memory is pre-allocated and the read cannot SIGSEGV, making the parser
 * a lot more performant in production */
#define HAVE(bytes) 1
#endif

#define FIRST_QUATERNIONS       \
  case _via1_: via1_CASE; \
  case _from_: from_CASE; \
  case _to12_: to12_CASE; \
  case _cseq_: cseq_CASE; \
  case _call_: call_CASE; \
  case _cont_: cont_CASE; \
  case _rout_: rout_CASE; \
  case _max__: max_CASE;  \
  case _reco_: reco_CASE; \
  case _via2_: via2_CASE; \
  case _auth_: auth_CASE; \
  case _supp_: supp_CASE; \
  case _expi_: expi_CASE; \
  case _prox_: prox_CASE; \
  case _allo_: allo_CASE; \
  case _path_: path_CASE; \
  case _unsu_: unsu_CASE; \
  case _even_: even_CASE; \
  case _acce_: acce_CASE; \
  case _orga_: orga_CASE; \
  case _prio_: prio_CASE; \
  case _subj_: subj_CASE; \
  case _user_: user_CASE; \
  case _dive_: dive_CASE; \
  case _remo_: remo_CASE; \
  case _refe_: refe_CASE; \
  case _sess_: sess_CASE; \
  case _min__: min__CASE; \
  case _p_pr_: p_pr_CASE; \
  case _p_as_: p_as_CASE; \
  case _priv_: priv_CASE; \
  case _retr_: retr_CASE; \
  case _www__: www_CASE;  \
  case _feat_: feat_CASE; \
  case _repl_: repl_CASE; \
  case _to_p_: to_p_CASE; \
  case _mess_: mess_CASE; \
  case _byte_: byte_CASE; \
  case _fail_: fail_CASE; \
  case _succ_: succ_CASE; \
  case _stat_: stat_CASE; \
  case _use__: use__CASE; \
  case _secu_: secu_CASE; \


#define PARSE_COMPACT(id)      \
  switch(*(p + 1)) {         \
    case ' ':              \
    case '\t':             \
      hdr->type = id;    \
      hdr->name.len = 1; \
      p += 2;            \
      goto dc_end;       \
    case ':':              \
      hdr->type = id;    \
      hdr->name.len = 1; \
      return (p + 2);    \
  }


char* parse_hname2(char* begin, char* end, struct hdr_field* hdr)
{
  register char* p;
  register unsigned int val;

  if ((end - begin) < 4) {
    hdr->type = HDR_ERROR_T;
    return begin;
  }

  p = begin;

  val = LOWER_DWORD(READ(p));
  hdr->name.s = begin;

  switch(val) {

    FIRST_QUATERNIONS;
    /* fall through */

    default:
      switch(LOWER_BYTE(*p)) {
        case 't':
          switch(LOWER_BYTE(*(p + 1))) {
            case 'o':
              p += 2;
              hdr->type = HDR_TO_T;
              hdr->name.len = 2;
              goto dc_cont;
            case ' ':
            case '\t':
              p += 2;
              hdr->type = HDR_TO_T;
              hdr->name.len = 1;
              goto dc_end;
            case ':':
              hdr->type = HDR_TO_T;
              hdr->name.len = 1;
              return (p + 2);
          }
          break;
        case 'v': PARSE_COMPACT(HDR_VIA_T);           break;
        case 'f': PARSE_COMPACT(HDR_FROM_T);          break;
        case 'i': PARSE_COMPACT(HDR_CALLID_T);        break;
        case 'm': PARSE_COMPACT(HDR_CONTACT_T);       break;
        case 'l': PARSE_COMPACT(HDR_CONTENTLENGTH_T); break;
        case 'k': PARSE_COMPACT(HDR_SUPPORTED_T);     break;
        case 'c': PARSE_COMPACT(HDR_CONTENTTYPE_T);   break;
        case 'o': PARSE_COMPACT(HDR_EVENT_T);         break;
        case 'x': PARSE_COMPACT(HDR_SESSION_EXPIRES_T); break;
      }
      goto other;
  }
  /* the above swtich will never continue here */


 dc_end:
  /* HDR name entirely found, consume WS till colon */
  /* overflow during the "switch-case" parsing ? */
  if (p>=end)
    goto error;
  p = skip_ws(p, end);
  if (p >= end || *p != ':')
    goto error;
  /* hdr type, name should be already set at this point */
  return (p+1);
  /*done*/


 dc_cont:
  /* HDR name partially found, see what's next */
  /* overflow during the "switch-case" parsing ? */
  if (p>=end)
    goto error;
  /* hdr type, name should be already set at this point (for partial finding) */
  switch (*p) {
    case ':' :
      return (p+1);
    case ' ':
    case '\t':
      /* consume spaces to the end of name */
      p = skip_ws( p+1, end);
      if (p >= end || *p != ':')
        goto error;
      return (p+1);
    /* default: it seems the hdr name continues, fall to "other" */
  }


 other:
  /* Unknown header type */
  hdr->type = HDR_OTHER_T;
  /* if overflow during the "switch-case" parsing, the "while" will
   * exit and we will fall in the "error" section */
  while ( p < end ) {
    switch (*p) {
      case ':' :
        hdr->name.len = p - hdr->name.s;
        return (p + 1);
      case ' ' :
      case '\t':
        hdr->name.len = p - hdr->name.s;
        p = skip_ws(p+1, end);
        if (p >= end || *p != ':')
          goto error;
        return (p+1);
    }
    p++;
  }

 error:
  /* No colon found, error.. */
  hdr->type = HDR_ERROR_T;
  hdr->name.s = 0;
  hdr->name.len = 0;
  return 0;
}

Coverage Report

Created: 2025-07-12 06:13

Line	Count	Source (jump to first uncovered line)
1		/*
2		* Fast 32-bit Header Field Name Parser
3		*
4		* Copyright (C) 2001-2003 FhG Fokus
5		*
6		* This file is part of opensips, a free SIP server.
7		*
8		* opensips is free software; you can redistribute it and/or modify
9		* it under the terms of the GNU General Public License as published by
10		* the Free Software Foundation; either version 2 of the License, or
11		* (at your option) any later version
12		*
13		* opensips is distributed in the hope that it will be useful,
14		* but WITHOUT ANY WARRANTY; without even the implied warranty of
15		* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16		* GNU General Public License for more details.
17		*
18		* You should have received a copy of the GNU General Public License
19		* along with this program; if not, write to the Free Software
20		* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
21		*
22		* History:
23		* --------
24		* 2003-02-28 scratchpad compatibility abandoned (jiri)
25		* 2003-01-27 next baby-step to removing ZT - PRESERVE_ZT (jiri)
26		* 2003-05-01 added support for Accept HF (janakj)
27		* 2006-02-17 Session-Expires, Min-SE (dhsueh@somanetworks.com)
28		*/
29
30
31		#include "parse_hname2.h"
32		#include "keys.h"
33		#include "../ut.h" /* q_memchr */
34
35	0	#define LOWER_BYTE(b) ((b) \| 0x20U)
36	0	#define LOWER_DWORD(d) ((d) \| 0x20202020U)
37
38		/*
39		* Skip all white-chars and return position of the first
40		* non-white char
41		*/
42		static inline char* skip_ws(char* p, char *end)
43	0	{
44	0	for(; p < end; p++) {
45	0	if ((p != ' ') && (p != '\t')) return p;
46	0	}
47	0	return p;
48	0	}
49
50		/*
51		* Parser macros
52		*/
53		#include "case_via.h" /* Via */
54		#include "case_from.h" /* From */
55		#include "case_to.h" /* To */
56		#include "case_cseq.h" /* CSeq */
57		#include "case_call.h" /* Call-ID */
58		#include "case_cont.h" /* Contact, Content-Type, Content-Length,
59		Content-Purpose, Content-Action,
60		Content-Disposition */
61		#include "case_rout.h" /* Route */
62		#include "case_max.h" /* Max-Forwards */
63		#include "case_reco.h" /* Record-Route */
64		#include "case_path.h" /* Path */
65		#include "case_auth.h" /* Authorization */
66		#include "case_expi.h" /* Expires */
67		#include "case_prox.h" /* Proxy-Authorization, Proxy-Require */
68		#include "case_allo.h" /* Allow */
69		#include "case_unsu.h" /* Unsupported */
70		#include "case_even.h" /* Event */
71		#include "case_acce.h" /* Accept, Accept-Language */
72		#include "case_orga.h" /* Organization */
73		#include "case_prio.h" /* Priority */
74		#include "case_subj.h" /* Subject */
75		#include "case_user.h" /* User-Agent */
76		#include "case_supp.h" /* Supported */
77		#include "case_dive.h" /* Diversion */
78		#include "case_remo.h" /* Remote-Party-ID */
79		#include "case_refe.h" /* Refer-To */
80		#include "case_sess.h" /* Session-Expires */
81		#include "case_min_.h" /* Min-SE */
82		#include "case_p_pr.h" /* P-Preferred-Identity */
83		#include "case_p_as.h" /* P-Asserted-Identity */
84		#include "case_priv.h" /* Privacy */
85		#include "case_retr.h" /* Retry-After */
86		#include "case_www.h" /* WWW-Authenticate */
87		#include "case_feat.h" /* Feature-Caps */
88		#include "case_repl.h" /* Replaces */
89		#include "case_to_p.h" /* To-Path */
90		#include "case_mess.h" /* Message-ID */
91		#include "case_byte.h" /* Byte-Range */
92		#include "case_fail.h" /* Failure-Report */
93		#include "case_succ.h" /* Success-Report */
94		#include "case_stat.h" /* Status */
95		#include "case_use_.h" /* Use-Path */
96		#include "case_secu.h" /* Security-Client, Security-Server,
97		Security-Verify */
98
99
100		/*
101		* Read 4-bytes from memory, as an unsigned integer
102		* Reading byte by byte ensures that the code works also on HW which
103		* does not allow reading 4-bytes at once from unaligned memory position
104		* (Sparc for example)
105		*/
106		#define READ(addr) \
107	0	((unsigned)((unsigned char )addr + 0) + \
108	0	((unsigned)((unsigned char )addr + 1) << 8) + \
109	0	((unsigned)((unsigned char )addr + 2) << 16) + \
110	0	((unsigned)((unsigned char )addr + 3) << 24))
111
112		#ifdef FUZZ_BUILD
113		/* fuzzers are sensible to heap read overflows, so enable all "HAVE" checks */
114	0	#define HAVE(bytes) (end - p >= (long)(bytes))
115		#else
116		/* with PKG memory, parser read overflows of a few bytes are harmless, since
117		* the memory is pre-allocated and the read cannot SIGSEGV, making the parser
118		* a lot more performant in production */
119		#define HAVE(bytes) 1
120		#endif
121
122		#define FIRST_QUATERNIONS \
123	0	case _via1_: via1_CASE; \
124	0	case _from_: from_CASE; \
125	0	case _to12_: to12_CASE; \
126	0	case _cseq_: cseq_CASE; \
127	0	case _call_: call_CASE; \
128	0	case _cont_: cont_CASE; \
129	0	case _rout_: rout_CASE; \
130	0	case _max__: max_CASE; \
131	0	case _reco_: reco_CASE; \
132	0	case _via2_: via2_CASE; \
133	0	case _auth_: auth_CASE; \
134	0	case _supp_: supp_CASE; \
135	0	case _expi_: expi_CASE; \
136	0	case _prox_: prox_CASE; \
137	0	case _allo_: allo_CASE; \
138	0	case _path_: path_CASE; \
139	0	case _unsu_: unsu_CASE; \
140	0	case _even_: even_CASE; \
141	0	case _acce_: acce_CASE; \
142	0	case _orga_: orga_CASE; \
143	0	case _prio_: prio_CASE; \
144	0	case _subj_: subj_CASE; \
145	0	case _user_: user_CASE; \
146	0	case _dive_: dive_CASE; \
147	0	case _remo_: remo_CASE; \
148	0	case _refe_: refe_CASE; \
149	0	case _sess_: sess_CASE; \
150	0	case _min__: min__CASE; \
151	0	case _p_pr_: p_pr_CASE; \
152	0	case _p_as_: p_as_CASE; \
153	0	case _priv_: priv_CASE; \
154	0	case _retr_: retr_CASE; \
155	0	case _www__: www_CASE; \
156	0	case _feat_: feat_CASE; \
157	0	case _repl_: repl_CASE; \
158	0	case _to_p_: to_p_CASE; \
159	0	case _mess_: mess_CASE; \
160	0	case _byte_: byte_CASE; \
161	0	case _fail_: fail_CASE; \
162	0	case _succ_: succ_CASE; \
163	0	case _stat_: stat_CASE; \
164	0	case _use__: use__CASE; \
165	0	case _secu_: secu_CASE; \
166
167
168		#define PARSE_COMPACT(id) \
169	0	switch(*(p + 1)) { \
170	0	case ' ': \
171	0	case '\t': \
172	0	hdr->type = id; \
173	0	hdr->name.len = 1; \
174	0	p += 2; \
175	0	goto dc_end; \
176	0	case ':': \
177	0	hdr->type = id; \
178	0	hdr->name.len = 1; \
179	0	return (p + 2); \
180	0	}
181
182
183		char* parse_hname2(char* begin, char* end, struct hdr_field* hdr)
184	0	{
185	0	register char* p;
186	0	register unsigned int val;
187
188	0	if ((end - begin) < 4) {
189	0	hdr->type = HDR_ERROR_T;
190	0	return begin;
191	0	}
192
193	0	p = begin;
194
195	0	val = LOWER_DWORD(READ(p));
196	0	hdr->name.s = begin;
197
198	0	switch(val) {
199
200	0	FIRST_QUATERNIONS;
201		/* fall through */
202
203	0	default:
204	0	switch(LOWER_BYTE(*p)) {
205	0	case 't':
206	0	switch(LOWER_BYTE(*(p + 1))) {
207	0	case 'o':
208	0	p += 2;
209	0	hdr->type = HDR_TO_T;
210	0	hdr->name.len = 2;
211	0	goto dc_cont;
212	0	case ' ':
213	0	case '\t':
214	0	p += 2;
215	0	hdr->type = HDR_TO_T;
216	0	hdr->name.len = 1;
217	0	goto dc_end;
218	0	case ':':
219	0	hdr->type = HDR_TO_T;
220	0	hdr->name.len = 1;
221	0	return (p + 2);
222	0	}
223	0	break;
224	0	case 'v': PARSE_COMPACT(HDR_VIA_T); break;
225	0	case 'f': PARSE_COMPACT(HDR_FROM_T); break;
226	0	case 'i': PARSE_COMPACT(HDR_CALLID_T); break;
227	0	case 'm': PARSE_COMPACT(HDR_CONTACT_T); break;
228	0	case 'l': PARSE_COMPACT(HDR_CONTENTLENGTH_T); break;
229	0	case 'k': PARSE_COMPACT(HDR_SUPPORTED_T); break;
230	0	case 'c': PARSE_COMPACT(HDR_CONTENTTYPE_T); break;
231	0	case 'o': PARSE_COMPACT(HDR_EVENT_T); break;
232	0	case 'x': PARSE_COMPACT(HDR_SESSION_EXPIRES_T); break;
233	0	}
234	0	goto other;
235	0	}
236		/* the above swtich will never continue here */
237
238
239	0	dc_end:
240		/* HDR name entirely found, consume WS till colon */
241		/* overflow during the "switch-case" parsing ? */
242	0	if (p>=end)
243	0	goto error;
244	0	p = skip_ws(p, end);
245	0	if (p >= end \|\| *p != ':')
246	0	goto error;
247		/* hdr type, name should be already set at this point */
248	0	return (p+1);
249		/done/
250
251
252	0	dc_cont:
253		/* HDR name partially found, see what's next */
254		/* overflow during the "switch-case" parsing ? */
255	0	if (p>=end)
256	0	goto error;
257		/* hdr type, name should be already set at this point (for partial finding) */
258	0	switch (*p) {
259	0	case ':' :
260	0	return (p+1);
261	0	case ' ':
262	0	case '\t':
263		/* consume spaces to the end of name */
264	0	p = skip_ws( p+1, end);
265	0	if (p >= end \|\| *p != ':')
266	0	goto error;
267	0	return (p+1);
268		/* default: it seems the hdr name continues, fall to "other" */
269	0	}
270
271
272	0	other:
273		/* Unknown header type */
274	0	hdr->type = HDR_OTHER_T;
275		/* if overflow during the "switch-case" parsing, the "while" will
276		* exit and we will fall in the "error" section */
277	0	while ( p < end ) {
278	0	switch (*p) {
279	0	case ':' :
280	0	hdr->name.len = p - hdr->name.s;
281	0	return (p + 1);
282	0	case ' ' :
283	0	case '\t':
284	0	hdr->name.len = p - hdr->name.s;
285	0	p = skip_ws(p+1, end);
286	0	if (p >= end \|\| *p != ':')
287	0	goto error;
288	0	return (p+1);
289	0	}
290	0	p++;
291	0	}
292
293	0	error:
294		/* No colon found, error.. */
295	0	hdr->type = HDR_ERROR_T;
296	0	hdr->name.s = 0;
297	0	hdr->name.len = 0;
298	0	return 0;
299	0	}