[Asterisk-code-review] res_ari_channels: Fixed endpoint 80 characters limit (asterisk[master])
Richard Mudgett
asteriskteam at digium.com
Tue Apr 21 11:02:47 CDT 2020
Richard Mudgett has posted comments on this change. ( https://gerrit.asterisk.org/c/asterisk/+/14279 )
Change subject: res_ari_channels: Fixed endpoint 80 characters limit
......................................................................
Patch Set 1: Code-Review-1
(3 comments)
https://gerrit.asterisk.org/c/asterisk/+/14279/1//COMMIT_MSG
Commit Message:
https://gerrit.asterisk.org/c/asterisk/+/14279/1//COMMIT_MSG@9
PS1, Line 9: Fixed it to copy the entire string from the requested ednpoint body except tech-prefix.
typo: endpoint
https://gerrit.asterisk.org/c/asterisk/+/14279/1/res/ari/resource_channels.c
File res/ari/resource_channels.c:
https://gerrit.asterisk.org/c/asterisk/+/14279/1/res/ari/resource_channels.c@1119
PS1, Line 1119: dialdevice = ast_strdupa(stuff);
Since there is no fixed limit, is it now possible for an attacker to try to remotely blow the stack?
https://gerrit.asterisk.org/c/asterisk/+/14279/1/res/ari/resource_channels.c@1829
PS1, Line 1829: dialdevice = ast_strdupa(stuff);
same
--
To view, visit https://gerrit.asterisk.org/c/asterisk/+/14279
To unsubscribe, or for help writing mail filters, visit https://gerrit.asterisk.org/settings
Gerrit-Project: asterisk
Gerrit-Branch: master
Gerrit-Change-Id: I91b5f6708a1200363f3267b847dd6a0915222c25
Gerrit-Change-Number: 14279
Gerrit-PatchSet: 1
Gerrit-Owner: sungtae kim <pchero21 at gmail.com>
Gerrit-Reviewer: Friendly Automation
Gerrit-Reviewer: Richard Mudgett <rmudgett at digium.com>
Gerrit-Comment-Date: Tue, 21 Apr 2020 16:02:47 +0000
Gerrit-HasComments: Yes
Gerrit-Has-Labels: Yes
Gerrit-MessageType: comment
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-code-review/attachments/20200421/80e71b61/attachment.html>
More information about the asterisk-code-review
mailing list