[asterisk-commits] russell: branch 1.4 r108469 - /branches/1.4/apps/app_followme.c
SVN commits to the Asterisk project
asterisk-commits at lists.digium.com
Thu Mar 13 15:26:29 CDT 2008
Author: russell
Date: Thu Mar 13 15:26:28 2008
New Revision: 108469
URL: http://svn.digium.com/view/asterisk?view=rev&rev=108469
Log:
Fix a couple uses of sprintf. The second one could actually cause an overflow
of a stack buffer. It's not a security issue though, it only depends on your
configuration.
Modified:
branches/1.4/apps/app_followme.c
Modified: branches/1.4/apps/app_followme.c
URL: http://svn.digium.com/view/asterisk/branches/1.4/apps/app_followme.c?view=diff&rev=108469&r1=108468&r2=108469
==============================================================================
--- branches/1.4/apps/app_followme.c (original)
+++ branches/1.4/apps/app_followme.c Thu Mar 13 15:26:28 2008
@@ -818,9 +818,9 @@
}
if (!strcmp(tpargs->context, ""))
- sprintf(dialarg, "%s", number);
+ snprintf(dialarg, sizeof(dialarg), "%s", number);
else
- sprintf(dialarg, "%s@%s", number, tpargs->context);
+ snprintf(dialarg, sizeof(dialarg), "%s@%s", number, tpargs->context);
tmpuser = ast_calloc(1, sizeof(*tmpuser));
if (!tmpuser) {
More information about the asterisk-commits
mailing list