[Asterisk-code-review] res_http_websocket: Avoid reading past end of string (asterisk[master])
Sean Bright
asteriskteam at digium.com
Fri Jul 10 08:31:25 CDT 2020
Sean Bright has uploaded a new patch set (#3) to the change originally created by Nickolay V. Shmyrev. ( https://gerrit.asterisk.org/c/asterisk/+/14626 )
Change subject: res_http_websocket: Avoid reading past end of string
......................................................................
res_http_websocket: Avoid reading past end of string
We read beyond the end of the buffer when copying the string out of the
buffer when we used ast_copy_string() because the original string was
not null terminated. Instead switch to ast_strndup() which does not
exhibit the same behavior.
ASTERISK-28975 #close
Change-Id: Ib4a75cffeb1eb8cf01136ef30306bd623e531a2a
---
M res/res_http_websocket.c
1 file changed, 1 insertion(+), 2 deletions(-)
git pull ssh://gerrit.asterisk.org:29418/asterisk refs/changes/26/14626/3
--
To view, visit https://gerrit.asterisk.org/c/asterisk/+/14626
To unsubscribe, or for help writing mail filters, visit https://gerrit.asterisk.org/settings
Gerrit-Project: asterisk
Gerrit-Branch: master
Gerrit-Change-Id: Ib4a75cffeb1eb8cf01136ef30306bd623e531a2a
Gerrit-Change-Number: 14626
Gerrit-PatchSet: 3
Gerrit-Owner: Nickolay V. Shmyrev <nshmyrev at alphacephei.com>
Gerrit-Reviewer: Friendly Automation
Gerrit-Reviewer: Richard Mudgett <rmudgett at digium.com>
Gerrit-Reviewer: Sean Bright <sean.bright at gmail.com>
Gerrit-MessageType: newpatchset
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-code-review/attachments/20200710/83c94780/attachment.html>
More information about the asterisk-code-review
mailing list