Menu
▾
▴
Re: [Iaxclient-devel] MD5 authentication in CVS
|
From: Steve K. <st...@st...> - 2004-10-22 14:28:08
|
Dan wrote:
> Hi,
>
>> ----- Original Message ----- From: "Michael Van Donselaar"
>> <mi...@va...>
>>
>>> I've just recompiled iaxComm with the current CVS sources, and MD5
>>
>> authentication seems to be broken.
>>
>> Can anyone verify that they are having problems as well?
>>
>
> It seems to be from the alignment patch.
>
> In iax2-parser.c [447]
>
> changing to:
>
> case IAX_IE_AUTHMETHODS:
> if (len != sizeof(unsigned short)) {
> snprintf(tmp, sizeof(tmp), "Expecting authmethods to be %d bytes
> long but was %d\n", sizeof(unsigned short), len);
> errorf(tmp);
> } else
> ies->authmethods = ntohs(*((unsigned short *)(data+2))); // <
> this replace the modified aligned
> break;
>
Hmm, let's see here:
The line you have shown is:
ies->authmethods = ntohs(*((unsigned short *)(data+2))); // < this
replace the modified
The line in the source now is:
ies->authmethods =
ntohs(GET_ALIGN_16(data+2));
The macro is:
# define GET_ALIGN_16(srcp) *((unsigned short *)srcp)
Which evaluates to:
ies->authmethods = ntohs(*((unsigned short *)data+2));
So, the problem is the macro needs parentheses:
# define GET_ALIGN_16(srcp) *((unsigned short *)(srcp))
Because it's presently dereferencing data, then adding 2, when it should
be adding 2 to the pointer, than dereferencing.
Fixed in CVS.
-SteveK
> Best regards,
> Dan
>
>
>
> -------------------------------------------------------
> This SF.net email is sponsored by: IT Product Guide on ITManagersJournal
> Use IT products in your business? Tell us what you think of them. Give us
> Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out
> more
> http://productguide.itmanagersjournal.com/guidepromo.tmpl
> _______________________________________________
> Iaxclient-devel mailing list
> Iax...@li...
> https://lists.sourceforge.net/lists/listinfo/iaxclient-devel
>
|
