[asterisk-bugs] [JIRA] (DAHTOOL-89) dahdi_cfg: Destination buffer too small for snprintf output
N A (JIRA)
noreply at issues.asterisk.org
Tue Oct 12 19:59:49 CDT 2021
N A created DAHTOOL-89:
--------------------------
Summary: dahdi_cfg: Destination buffer too small for snprintf output
Key: DAHTOOL-89
URL: https://issues.asterisk.org/jira/browse/DAHTOOL-89
Project: DAHDI-Tools
Issue Type: Bug
Security Level: None
Components: Utilities
Affects Versions: 3.1.0
Environment: Debian 10, kernel 5.10
Reporter: N A
Assignee: Keith Morgan
dahdi_cfg.c: In function ‘are_all_spans_assigned’:
dahdi_cfg.c:153:7: warning: ‘/span_count’ directive output may be truncated writing 11 bytes into a region of size between 0 and 1023 [-Wformat-truncation=]
153 | "%s/span_count", device_path);
| ^~~~~~~~~~~
dahdi_cfg.c:152:2: note: ‘snprintf’ output between 12 and 1035 bytes into a destination of size 1023
152 | snprintf(attribute, sizeof(attribute) - 1,
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
153 | "%s/span_count", device_path);
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
The problem here is that the buffer size isn't accounting for the size of "/span_count" as well, which adds 12 characters.
The attached patch resolves this issue: https://code.phreaknet.org/asterisk/dahdi/dahdi_cfg.diff
--
This message was sent by Atlassian JIRA
(v6.2#6252)
More information about the asterisk-bugs
mailing list