[Asterisk-code-review] func aes: fix misuse of strlen on binary data (asterisk[master])
Gianluca Merlo
asteriskteam at digium.com
Fri Mar 18 20:38:23 CDT 2016
Gianluca Merlo has uploaded a new change for review.
https://gerrit.asterisk.org/2437
Change subject: func_aes: fix misuse of strlen on binary data
......................................................................
func_aes: fix misuse of strlen on binary data
The encryption code for AES_ENCRYPT evaluates the length of the data to
be encoded in base64 using strlen. The data is binary, thus the length
of it can be underestimated at the first NULL character.
Reuse the write pointer offset to evaluate it, instead.
ASTERISK-25857 #comment Patch added for review as in description
Change-Id: If686b5d570473eb926693c73461177b35b13b186
---
M funcs/func_aes.c
1 file changed, 1 insertion(+), 1 deletion(-)
git pull ssh://gerrit.asterisk.org:29418/asterisk refs/changes/37/2437/1
diff --git a/funcs/func_aes.c b/funcs/func_aes.c
index 9347b6f..d80636f 100644
--- a/funcs/func_aes.c
+++ b/funcs/func_aes.c
@@ -146,7 +146,7 @@
}
if (encrypt) { /* if encrypting encode result to base64 */
- ast_base64encode(buf, (unsigned char *) tmp, strlen(tmp), len);
+ ast_base64encode(buf, (unsigned char *) tmp, tmpP - tmp, len);
} else {
memcpy(buf, tmp, len);
}
--
To view, visit https://gerrit.asterisk.org/2437
To unsubscribe, visit https://gerrit.asterisk.org/settings
Gerrit-MessageType: newchange
Gerrit-Change-Id: If686b5d570473eb926693c73461177b35b13b186
Gerrit-PatchSet: 1
Gerrit-Project: asterisk
Gerrit-Branch: master
Gerrit-Owner: Gianluca Merlo <gianluca.merlo at gmail.com>
More information about the asterisk-code-review
mailing list