[asterisk-addons-commits] russell: trunk r444 - /trunk/chan_mobile.c

SVN commits to the Asterisk addons project asterisk-addons-commits at lists.digium.com
Fri Sep 7 21:48:02 CDT 2007


Author: russell
Date: Fri Sep  7 21:48:02 2007
New Revision: 444

URL: http://svn.digium.com/view/asterisk-addons?view=rev&rev=444
Log:
* Change a few lines to use ast_strlen_zero() instead of the same thing inline
* Replace a use of strcpy() with ast_copy_string().  This could allow a heap
  buffer overflow as the data being copied comes from the arguments to the
  application, which is can come from various places aside from the dialplan,
  like the manager interface or call files.

Modified:
    trunk/chan_mobile.c

Modified: trunk/chan_mobile.c
URL: http://svn.digium.com/view/asterisk-addons/trunk/chan_mobile.c?view=diff&rev=444&r1=443&r2=444
==============================================================================
--- trunk/chan_mobile.c (original)
+++ trunk/chan_mobile.c Fri Sep  7 21:48:02 2007
@@ -406,11 +406,11 @@
 
 	args = ast_strdupa((char *)data);
 	device = strsep(&args, "|");
-	if (device && (device[0] != 0x00)) {
+	if (!ast_strlen_zero(device)) {
 		dest = strsep(&args, "|");
-		if (dest && (dest[0] != 0x00)) {
+		if (!ast_strlen_zero(dest)) {
 			message = args;
-			if (!message || (message[0] == 0x00)) {
+			if (ast_strlen_zero(message)) {
 				ast_log(LOG_ERROR,"NULL Message to be sent -- SMS will not be sent.\n");
 				return -1;
 			}
@@ -449,7 +449,7 @@
 		return -1;
 	}
 	
-	strcpy(pvt->dial_number, dest);
+	ast_copy_string(pvt->dial_number, dest, sizeof(pvt->dial_number));
 	ast_copy_string(pvt->sms_txt, message, sizeof(pvt->sms_txt));
 	pvt->state = MBL_STATE_OUTSMS;
 




More information about the asterisk-addons-commits mailing list