[asterisk-bugs] [JIRA] Created: (ASTERISK-20350) DEBUG_MALLOC version of ast_strndup() may cause buffer overflow
Matt Jordan (JIRA)
noreply at issues.asterisk.org
Fri Aug 31 13:50:08 CDT 2012
DEBUG_MALLOC version of ast_strndup() may cause buffer overflow
---------------------------------------------------------------
Key: ASTERISK-20350
URL: https://issues.asterisk.org/jira/browse/ASTERISK-20350
Project: Asterisk
Issue Type: Bug
Security Level: None
Components: Core/AstMM
Affects Versions: 11.0.0-beta1
Reporter: Brent Eagles
In astmm.c, __ast_strndup() calls strcpy() causing strlen(source) characters to be copied into a destination buffer that is sized according to the number of characters to be copied (n), where n may be less than strlen(source). High fence violations are correctly reported if strlen(source) > n.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the asterisk-bugs
mailing list