[Asterisk-code-review] cel_pgsql.c: Fix buffer overflow calling libpq (asterisk[13])

Sean Bright asteriskteam at digium.com
Mon Mar 27 14:18:46 CDT 2017


Sean Bright has posted comments on this change. ( https://gerrit.asterisk.org/5333 )

Change subject: cel_pgsql.c: Fix buffer overflow calling libpq
......................................................................


Patch Set 3: Code-Review-1

(2 comments)

Sorry, I was mistaken. A couple more things that need addressing.

https://gerrit.asterisk.org/#/c/5333/3/cel/cel_pgsql.c
File cel/cel_pgsql.c:

Line 193: 		escapebuf = ast_malloc(bufsize);
Check for allocation failure and fail out if necessary.


Line 325: 							escapebuf = ast_realloc(escapebuf, bufsize);
So if ast_realloc fails, it doesn't touch the original pointer (it behaves just like realloc()). So you should assign the result of ast_realloc to a new temporary variable, and only when it is non-NULL should you assign it to escapebuf.

When realloc does fail, you should fail out.


-- 
To view, visit https://gerrit.asterisk.org/5333
To unsubscribe, visit https://gerrit.asterisk.org/settings

Gerrit-MessageType: comment
Gerrit-Change-Id: If611c734292618ed68dde17816d09dd16667dea2
Gerrit-PatchSet: 3
Gerrit-Project: asterisk
Gerrit-Branch: 13
Gerrit-Owner: twisted <josh at asteriasgi.com>
Gerrit-Reviewer: Anonymous Coward #1000019
Gerrit-Reviewer: Sean Bright <sean.bright at gmail.com>
Gerrit-HasComments: Yes
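
The two review points above (check the initial allocation, and grow through a temporary pointer), shown as an added example that is not part of the original message or the Asterisk code. It assumes plain `malloc()`/`realloc()` in place of `ast_malloc()`/`ast_realloc()`; `struct escbuf`, `realloc_fn` and `failing_realloc` are hypothetical names introduced so the failure path can be exercised.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical allocator hook so the failure path can be exercised. It stands
 * in for ast_realloc(), which per the review behaves like realloc(). */
typedef void *(*realloc_fn)(void *, size_t);

/* Constructed allocator that always fails, like realloc() under memory pressure. */
static void *failing_realloc(void *p, size_t n) { (void)p; (void)n; return NULL; }

struct escbuf { char *data; size_t size; };

/* Initial allocation (the Line 193 case): check the result and fail out. */
static int escbuf_init(struct escbuf *b, size_t size)
{
    b->data = malloc(size);
    b->size = b->data ? size : 0;
    return b->data ? 0 : -1;
}

/* Growth (the Line 325 case): assign to a temporary first. On failure the old
 * block is still allocated and b->data still points at it, so nothing leaks. */
static int escbuf_grow(struct escbuf *b, size_t needed, realloc_fn ra)
{
    char *tmp;
    if (needed <= b->size)
        return 0;
    tmp = ra(b->data, needed);
    if (!tmp)
        return -1;          /* caller fails out and frees b->data */
    b->data = tmp;
    b->size = needed;
    return 0;
}

int main(void)
{
    struct escbuf b;
    if (escbuf_init(&b, 8))
        return 1;
    strcpy(b.data, "abc");
    if (escbuf_grow(&b, 64, failing_realloc))
        printf("grow failed, old buffer intact: %s (%zu bytes)\n", b.data, b.size);
    if (escbuf_grow(&b, 64, realloc) == 0)
        printf("grow ok: %zu bytes\n", b.size);
    free(b.data);
    return 0;
}
```

Writing the result straight back to the buffer pointer would overwrite it with NULL on failure, losing the only reference to the old block and leaving a NULL pointer for any later write.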


