[Asterisk-code-review] sig_analog: Fix truncated buffer copy (asterisk[19])
Friendly Automation
asteriskteam at digium.com
Mon Nov 8 13:09:00 CST 2021
Friendly Automation has submitted this change. ( https://gerrit.asterisk.org/c/asterisk/+/17341 )
Change subject: sig_analog: Fix truncated buffer copy
......................................................................
sig_analog: Fix truncated buffer copy
Fixes compiler warning caused by a truncated copy of the ANI2 into a
buffer of size 10. This could prevent the null terminator from being
copied if the copy value exceeds the size of the buffer. This increases
the buffer size to 101 to ensure there is no way for truncation to occur.
ASTERISK-29702 #close
Change-Id: Ief9052212952840fa44de6463b8699fdb3e163d0
---
M channels/sig_analog.c
1 file changed, 1 insertion(+), 1 deletion(-)
Approvals:
George Joseph: Looks good to me, approved
Friendly Automation: Approved for Submit
diff --git a/channels/sig_analog.c b/channels/sig_analog.c
index 5bb5649..1af56e7 100644
--- a/channels/sig_analog.c
+++ b/channels/sig_analog.c
@@ -1967,7 +1967,7 @@
* this as a complete spill for the purposes of setting anistart */
if ((res > 0) || (strlen(anibuf) >= 2)) {
char anistart[2] = "X";
- char f[10] = {0};
+ char f[101] = {0};
if (strchr("#ABC", anibuf[strlen(anibuf) - 1])) {
anistart[0] = anibuf[strlen(anibuf) - 1];
anibuf[strlen(anibuf) - 1] = 0;
--
To view, visit https://gerrit.asterisk.org/c/asterisk/+/17341
To unsubscribe, or for help writing mail filters, visit https://gerrit.asterisk.org/settings
Gerrit-Project: asterisk
Gerrit-Branch: 19
Gerrit-Change-Id: Ief9052212952840fa44de6463b8699fdb3e163d0
Gerrit-Change-Number: 17341
Gerrit-PatchSet: 2
Gerrit-Owner: N A <mail at interlinked.x10host.com>
Gerrit-Reviewer: Friendly Automation
Gerrit-Reviewer: George Joseph <gjoseph at digium.com>
Gerrit-MessageType: merged
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-code-review/attachments/20211108/d6742c8d/attachment.html>
More information about the asterisk-code-review
mailing list