[Asterisk-code-review] pbx: Fix crash when issuing "core show hints" with long patt... (asterisk[13])

Matt Jordan asteriskteam at digium.com
Wed Sep 2 17:21:25 CDT 2015


Matt Jordan has submitted this change and it was merged.

Change subject: pbx: Fix crash when issuing "core show hints" with long pattern match.
......................................................................


pbx: Fix crash when issuing "core show hints" with long pattern match.

When issuing the "core show hints" CLI command a combination of both
the hint extension and context is created. This uses a fixed size
buffer expecting that the extension will not exceed maximum extension
length. When the extension is actually a pattern match this constraint
does not hold true, and the extension may exceed the maximum extension
length. In this case extra characters are written past the end of the
fixed size buffer.

This change makes it so the construction of the combined hint extension
and context can not exceed the size of the buffer.

ASTERISK-25367 #close

Change-Id: Idfa1b95d0d4dc38e675be7c1de8900b3f981f499
---
M main/pbx.c
1 file changed, 1 insertion(+), 1 deletion(-)

Approvals:
  Mark Michelson: Looks good to me, but someone else must approve
  Anonymous Coward #1000019: Verified
  Matt Jordan: Looks good to me, approved



diff --git a/main/pbx.c b/main/pbx.c
index b34a060..d0a836a 100644
--- a/main/pbx.c
+++ b/main/pbx.c
@@ -7524,7 +7524,7 @@
 			continue;
 		}
 		watchers = ao2_container_count(hint->callbacks);
-		sprintf(buf, "%s@%s",
+		snprintf(buf, sizeof(buf), "%s@%s",
 			ast_get_extension_name(hint->exten),
 			ast_get_context_name(ast_get_extension_context(hint->exten)));
 

-- 
To view, visit https://gerrit.asterisk.org/1174
To unsubscribe, visit https://gerrit.asterisk.org/settings

Gerrit-MessageType: merged
Gerrit-Change-Id: Idfa1b95d0d4dc38e675be7c1de8900b3f981f499
Gerrit-PatchSet: 1
Gerrit-Project: asterisk
Gerrit-Branch: 13
Gerrit-Owner: Joshua Colp <jcolp at digium.com>
Gerrit-Reviewer: Anonymous Coward #1000019
Gerrit-Reviewer: Mark Michelson <mmichelson at digium.com>
Gerrit-Reviewer: Matt Jordan <mjordan at digium.com>



More information about the asterisk-code-review mailing list