[asterisk-bugs] [LibSS7 0014676]: buffer overflow in mtp2_new
Asterisk Bug Tracker
noreply at bugs.digium.com
Tue Jul 7 16:17:25 CDT 2009
A NOTE has been added to this issue.
======================================================================
https://issues.asterisk.org/view.php?id=14676
======================================================================
Reported By: Safari
Assigned To: mattf
======================================================================
Project: LibSS7
Issue ID: 14676
Category: General
Reproducibility: N/A
Severity: major
Priority: normal
Status: assigned
Asterisk Version: SVN
SVN Branch (only for SVN checkouts, not tarball releases): trunk
SVN Revision (number only!):
Disclaimer on File?: N/A
Request Review:
======================================================================
Date Submitted: 2009-03-16 11:38 CDT
Last Modified: 2009-07-07 16:17 CDT
======================================================================
Summary: buffer overflow in mtp2_new
Description:
new->name[sizeof(new->name)] = 0;
overflows the buffer, overwriting part of `state'.
======================================================================
----------------------------------------------------------------------
(0107462) svnbot (reporter) - 2009-07-07 16:17
https://issues.asterisk.org/view.php?id=14676#c107462
----------------------------------------------------------------------
Repository: libss7
Revision: 267
U trunk/mtp2.c
------------------------------------------------------------------------
r267 | mmichelson | 2009-07-07 16:17:24 -0500 (Tue, 07 Jul 2009) | 6 lines
Don't write past the end of the buffer. It's bad.
(closes issue https://issues.asterisk.org/view.php?id=14676)
Reported by: Safari
------------------------------------------------------------------------
http://svn.digium.com/view/libss7?view=rev&revision=267
Issue History
Date Modified Username Field Change
======================================================================
2009-07-07 16:17 svnbot Note Added: 0107462
======================================================================
More information about the asterisk-bugs
mailing list