Package: twinkle
Severity: normal
Tags: patch
There are typos in the list of unescaped characters in user, password and
headers of URIs.
"...XYX..."
should be
"...XYZ..."
The result is, 'Z' characters are converted to %5a in the user part or URIs.
This can lead to failed calls. If for example a Record-Route header contains a
'Z', then Twinkle will replace this 'Z' with %5a in the Route header it inserts
into dialog requests. This might be a problem for the SIP proxy which inserted
the Record-Route header and may not recognize its URI in the Route header.
Thanks to Mikael Magnusson for the original report and patch in Ubuntu (LP:
#521161)
-- System Information:
Debian Release: squeeze/sid
APT prefers lucid-updates
APT policy: (500, 'lucid-updates'), (500, 'lucid-security'), (500, 'lucid')
Architecture: i386 (i686)
Kernel: Linux 2.6.32-22-generic (SMP w/2 CPU cores)
Locale: LANG=en_GB.utf8, LC_CTYPE=en_GB.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
--- twinkle-1.4.2.orig/src/sockets/url.cpp 2009-01-18 15:30:41.000000000 +0100
+++ twinkle-1.4.2/src/sockets/url.cpp 2010-02-12 19:29:06.033763864 +0100
@@ -396,7 +396,7 @@
// mark = "-" / "_" / "." / "!" / "~" / "*" / "'" / "(" / ")"
return escape_hex(user_value,
- "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYX0123456789"\
+ "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"\
"-_.!~*'()&=+$,;?/");
}
@@ -407,7 +407,7 @@
// mark = "-" / "_" / "." / "!" / "~" / "*" / "'" / "(" / ")"
return escape_hex(passwd_value,
- "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYX0123456789"\
+ "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"\
"-_.!~*'()&=+$,");
}
@@ -420,7 +420,7 @@
// mark = "-" / "_" / "." / "!" / "~" / "*" / "'" / "(" / ")"
return escape_hex(hnv,
- "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYX0123456789"\
+ "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"\
"-_.!~*'()[]/?:+$");
}
