[VOIPSEC] Actual Attacks - UA handling
Geoff Devine
gdevine at cedarpointcom.com
Mon Mar 7 22:18:52 CST 2005
Brian Rosen writes:
> Basically, the size of most text fields should not be limited anything close
> to 256. Generally, the spec allows text fields of any length, but in
> practice a message has to fit in a packet, and thus you have an effective
> limit of 64K for the message. It's theoretically possible to have headers
> in a message sent with TCP be longer than that, but I don't think you will
> see anyone complain about limiting total message length to 64K.

If you look at RFC 3261, you'll see:

"If a request is within 200 bytes of the path MTU, or if it is larger
than 1300 bytes and the path MTU is unknown, the request MUST be sent
using an RFC 2914 [43] congestion controlled transport protocol, such
as TCP."

And

"However, implementations MUST be able to handle messages up to the maximum
datagram packet size. For UDP, this size is 65,535 bytes, including
IP and UDP headers."

Given that most SIP implementations only run over UDP, an overall
1300-ish byte maximum PDU limit is what you'd expect to see in
operational networks. You'd size internal data structures assuming
that's the "typical" biggest PDU you'll see. 256 might not be quite big
enough but it doesn't make much sense in a memory-limited environment to
build something that is optimized to deal with objects bigger than 1K or
so. You have to code defensively to meet the 64K normative requirement
but that's not the real world.
Geoff
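
An added example, not part of the original post: one way a memory-limited UA could keep small per-field buffers and still cope with messages up to the 65,535-byte ceiling quoted from RFC 3261, by rejecting an oversized field instead of overrunning or silently truncating it. The names `sip_get_header`, `SIP_FIELD_CAP` and `SAMPLE`, and the 256-byte field size, are assumptions chosen for illustration.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>
#define SIP_MAX_MSG   65535u /* RFC 3261 ceiling quoted in the thread */
#define SIP_FIELD_CAP 256u   /* assumed field buffer of a memory-limited UA */

enum sip_rc { SIP_OK, SIP_NOT_FOUND, SIP_FIELD_TOO_LONG, SIP_MSG_TOO_BIG, SIP_MALFORMED };

static int ieq(const char *a, const char *b, size_t n) { /* header names ignore case */
    for (size_t i = 0; i < n; i++)
        if (tolower((unsigned char)a[i]) != tolower((unsigned char)b[i])) return 0;
    return 1;
}

/* Copy header `name` from msg[0..len) into out[cap]. An oversized value is
 * rejected, never truncated. Folded and compact headers are not handled. */
enum sip_rc sip_get_header(const char *msg, size_t len, const char *name,
                           char *out, size_t cap) {
    size_t nlen = strlen(name);
    const char *p = msg, *end = msg + len;
    if (cap == 0) return SIP_MALFORMED;
    out[0] = '\0';
    if (len > SIP_MAX_MSG) return SIP_MSG_TOO_BIG;
    while (p < end) {
        const char *eol = memchr(p, '\n', (size_t)(end - p));
        if (eol == NULL) return SIP_MALFORMED;          /* unterminated line */
        const char *stop = (eol > p && eol[-1] == '\r') ? eol - 1 : eol;
        if (stop == p) break;                           /* blank line ends headers */
        if ((size_t)(stop - p) > nlen && p[nlen] == ':' && ieq(p, name, nlen)) {
            const char *v = p + nlen + 1;
            while (v < stop && (*v == ' ' || *v == '\t')) v++;
            size_t vlen = (size_t)(stop - v);
            if (vlen >= cap) return SIP_FIELD_TOO_LONG; /* needs room for NUL */
            memcpy(out, v, vlen);
            out[vlen] = '\0';
            return SIP_OK;
        }
        p = eol + 1;
    }
    return SIP_NOT_FOUND;
}
/* Constructed sample request, not taken from the thread. */
static const char SAMPLE[] = "INVITE sip:bob@example.com SIP/2.0\r\n"
    "Call-ID: a84b4c76e66710\r\nCSeq: 314159 INVITE\r\n\r\n";

int main(void) {
    char v[SIP_FIELD_CAP];
    if (sip_get_header(SAMPLE, sizeof SAMPLE - 1, "call-id", v, sizeof v) == SIP_OK) puts(v);
    return 0;
}
```

A caller that gets `SIP_FIELD_TOO_LONG` or `SIP_MSG_TOO_BIG` can answer with an error response or drop the message; either way no buffer is written past its end.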