[asterisk-bugs] [Asterisk 0015765]: [patch] Incorrect parsing of day range in pbx.c
Asterisk Bug Tracker
noreply at bugs.digium.com
Tue Aug 25 10:48:45 CDT 2009
The following issue has been ASSIGNED.
======================================================================
https://issues.asterisk.org/view.php?id=15765
======================================================================
Reported By: hooi
Assigned To: lmadsen
======================================================================
Project: Asterisk
Issue ID: 15765
Category: Core/PBX
Reproducibility: always
Severity: minor
Priority: normal
Status: confirmed
Asterisk Version: 1.2.X
Regression: No
SVN Branch (only for SVN checkouts, not tarball releases): N/A
SVN Revision (number only!): 213789
Request Review:
======================================================================
Date Submitted: 2009-08-23 21:46 CDT
Last Modified: 2009-08-25 10:48 CDT
======================================================================
Summary: [patch] Incorrect parsing of day range in pbx.c
Description:
The patch
http://downloads.digium.com/pub/security/AST-2009-005-1.2.diff.txt contains
incorrect sscanf format for parsing start of day and end of day in pbx.c
whereby it assumes "day" is single digit. That is:
sscanf(day, "%1d", &s) should be sscanf(day, "%2d", &s) [at line 4019]
and sscanf(day, "%1d", &e) should be sscanf(day, "%2d", &e) [at line
4029]
This impact on anything that uses ast_build_timing() such as GotoIfTime()
and ExecIfTime().
======================================================================
Issue History
Date Modified Username Field Change
======================================================================
2009-08-25 10:48 tilghman Assigned To tilghman => lmadsen
======================================================================
More information about the asterisk-bugs
mailing list