[asterisk-bugs] [LibSS7 0014676]: buffer overflow in mtp2_new

Asterisk Bug Tracker noreply at bugs.digium.com
Tue Jul 7 16:17:25 CDT 2009


A NOTE has been added to this issue. 
====================================================================== 
https://issues.asterisk.org/view.php?id=14676 
====================================================================== 
Reported By:                Safari
Assigned To:                mattf
====================================================================== 
Project:                    LibSS7
Issue ID:                   14676
Category:                   General
Reproducibility:            N/A
Severity:                   major
Priority:                   normal
Status:                     assigned
Asterisk Version:           SVN 
SVN Branch (only for SVN checkouts, not tarball releases):  trunk 
SVN Revision (number only!):  
Disclaimer on File?:        N/A 
Request Review:              
====================================================================== 
Date Submitted:             2009-03-16 11:38 CDT
Last Modified:              2009-07-07 16:17 CDT
====================================================================== 
Summary:                    buffer overflow in mtp2_new
Description: 
new->name[sizeof(new->name)] = 0;
overflows the buffer, overwriting part of `state'.

====================================================================== 

---------------------------------------------------------------------- 
 (0107462) svnbot (reporter) - 2009-07-07 16:17
 https://issues.asterisk.org/view.php?id=14676#c107462 
---------------------------------------------------------------------- 
Repository: libss7
Revision: 267

U   trunk/mtp2.c

------------------------------------------------------------------------
r267 | mmichelson | 2009-07-07 16:17:24 -0500 (Tue, 07 Jul 2009) | 6 lines

Don't write past the end of the buffer. It's bad.

(closes issue https://issues.asterisk.org/view.php?id=14676)
Reported by: Safari


------------------------------------------------------------------------

http://svn.digium.com/view/libss7?view=rev&revision=267 

Issue History 
Date Modified    Username       Field                    Change               
====================================================================== 
2009-07-07 16:17 svnbot         Note Added: 0107462                          
======================================================================




More information about the asterisk-bugs mailing list