[asterisk-commits] kpfleming: branch 1.4 r147681 - /branches/1.4/channels/chan_dahdi.c

SVN commits to the Asterisk project asterisk-commits at lists.digium.com
Wed Oct 8 17:22:09 CDT 2008


Author: kpfleming
Date: Wed Oct  8 17:22:09 2008
New Revision: 147681

URL: http://svn.digium.com/view/asterisk?view=rev&rev=147681
Log:
when parsing a text configuration option, ensure that the buffer on the stack is actually large enough to hold the legal values of that option, and also ensure that sscanf() knows to stop parsing if it would overrun the buffer (without these changes, specifying "buffers=...,immediate" would overflow the buffer on the stack, and could not have worked as expected)


Modified:
    branches/1.4/channels/chan_dahdi.c

Modified: branches/1.4/channels/chan_dahdi.c
URL: http://svn.digium.com/view/asterisk/branches/1.4/channels/chan_dahdi.c?view=diff&rev=147681&r1=147680&r2=147681
==============================================================================
--- branches/1.4/channels/chan_dahdi.c (original)
+++ branches/1.4/channels/chan_dahdi.c Wed Oct  8 17:22:09 2008
@@ -10990,8 +10990,9 @@
 					return -1;
 		} else if (!strcasecmp(v->name, "buffers")) {
 			int res;
-			char policy[8] = "";
-			res = sscanf(v->value, "%d,%s", &confp->chan.buf_no, policy);
+			char policy[21] = "";
+
+			res = sscanf(v->value, "%d,%20s", &confp->chan.buf_no, policy);
 			if (res != 2) {
 				ast_log(LOG_WARNING, "Parsing buffers option data failed, using defaults.\n");
 				confp->chan.buf_no = numbufs;




More information about the asterisk-commits mailing list