Hi
We have some users who are supplying very long, broken contact details
(from Cisco 7912 phones):
Apr 25 11:29:46 WARNING[1480] chan_sip.c: No closing bracket found in
'1st Floor Scanner - 137
<sip:xxxxxxxx@yyy.yy.yyy.yyy:5060;user=phone;transport='
Apr 25 11:29:46 NOTICE[1480] chan_sip.c: '1st Floor Scanner - 137
<sip:xxxxxxxx@yyy.yy.yyy.yyy:5060;user=phone;transport=' is not a valid
SIP contact (missing sip:) trying to use anyway
Any ideas how to stop this? Most of the time it's harmless but some make
the SQL queries so long they overflows sql in res_config.c:
static struct ast_variable *realtime_mysql(..) {
char sql[256];
..
snprintf(sql, sizeof(sql), "SELECT * FROM %s WHERE %s%s
'%s'", table,
newparam, op, newval);
..
}
then:
Apr 25 11:29:46 DEBUG[1480] res_config_mysql.c: MySQL RealTime: Update
SQL: UPDATE sip SET ipaddr = 'yyy.yy.yyy.yyy', port = '25766',
regseconds
= '1145963986', username = '1st Floor Scanner - 137
<sip:xxxxxxxx',
fullcontact = '1st Floor Scanner - 137
<sip:xxxxxxxx@yyy.yy.yyy.yyy:5060;user=phone;transport=' WHERE name =
'84410662
Apr 25 11:29:46 DEBUG[1480] res_config_mysql.c: MySQL RealTime: Query
Failed because: You have an error in your SQL syntax; check the manual
that corresponds
to your MySQL server version for the right syntax to use near
''84410662'
at line 1
The query is 257 bytes so the last quote is truncated and the update
fails.
Should I submit a patch? If nothing else it'd be nice to check that the
query fits into sql and complain if it doesn't.
Cheers,
Mark Drayton
This message and any attachment are confidential and may be privileged or
otherwise protected from disclosure. If you are not the intended
recipient, please telephone or email the sender and delete this message
and any attachment(s) from your system and do not disclose its contents to any
third parties.
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
http://lists.digium.com/pipermail/asterisk-users/attachments/20060425/4cc3e742/attachment.htm
