yatevoip / yate

Yate - Yet Another Telephony Engine
GNU General Public License v2.0
50 stars 16 forks source link

Internal protocol: (un)escaping with % #11

Closed andr-04 closed 1 year ago

andr-04 commented 1 year ago

According to External module command flow:

%%>message:<id>:<time>:<name>:<retvalue>[:<key>=<value>...]

%%<message:<id>:<processed>:[<name>]:<retvalue>[:<key>=<value>...]

Characters with codes higher than 32 (except %) SHOULD not be escaped but may be so. A %-escaped code may be received instead of an unescaped character anywhere except in the initial keyword or the delimiting colon (:) characters.

But the rules mentioned above are not followed. According to them, I suggest the following changes:

  1. Symbol = should be escaped always, like :, because it is the delimiter if not escaped.
  2. There should be no additional checks when unescaping that the character code <= '_' (unescaped symbol must not be less 32).
  3. There should be no additional checks when unescaping that symbols was only : or someone other "extra".
  4. Unescaped symbol can be zero-symbol too. Here's not safe, but it should be handled somehow.

engine/String.cpp:1695 engine/String.cpp:1726