[asterisk-commits] russell: trunk r176901 - /trunk/main/pbx.c

SVN commits to the Asterisk project asterisk-commits at lists.digium.com
Wed Feb 18 00:00:40 CST 2009 

Author: russell
Date: Wed Feb 18 00:00:40 2009
New Revision: 176901

URL: http://svn.digium.com/svn-view/asterisk?view=rev&rev=176901
Log:
Fix a number of incorrect uses of strncpy().

The big problem here is that the 3rd argument provided in these uses of strncpy()
did not reserve a byte for the null terminator, leaving the potential for writing
one byte past the end of the buffer.

Aside from this, there were coding guidelines violations with regards to spacing,
as well as hard coded lengths being used instead of sizeof().

Modified:
    trunk/main/pbx.c

Modified: trunk/main/pbx.c
URL: http://svn.digium.com/svn-view/asterisk/trunk/main/pbx.c?view=diff&rev=176901&r1=176900&r2=176901
==============================================================================
--- trunk/main/pbx.c (original)
+++ trunk/main/pbx.c Wed Feb 18 00:00:40 2009
@@ -1858,7 +1858,8 @@
 	int l1 = strlen(e1->exten) + strlen(e1->cidmatch) + 2;
 	
 
-	strncpy(extenbuf,e1->exten,sizeof(extenbuf));
+	ast_copy_string(extenbuf, e1->exten, sizeof(extenbuf));
+
 	if (e1->matchcid &&  l1 <= sizeof(extenbuf)) {
 		strcat(extenbuf,"/");
 		strcat(extenbuf,e1->cidmatch);
@@ -2386,7 +2387,9 @@
 {
 	struct ast_context *tmp = NULL;
 	struct fake_context item;
-	strncpy(item.name,name,256);
+
+	ast_copy_string(item.name, name, sizeof(item.name));
+
 	ast_rdlock_contexts();
 	if( contexts_table ) {
 		tmp = ast_hashtab_lookup(contexts_table,&item);
@@ -2458,8 +2461,10 @@
 		tmp = bypass;
 	else {	/* look in contexts */
 		struct fake_context item;
-		strncpy(item.name,context,256);
-		tmp = ast_hashtab_lookup(contexts_table,&item);
+
+		ast_copy_string(item.name, context, sizeof(item.name));
+
+		tmp = ast_hashtab_lookup(contexts_table, &item);
 #ifdef NOTNOW
 		tmp = NULL;
 		while ((tmp = ast_walk_contexts(tmp)) ) {
@@ -4900,7 +4905,8 @@
 
 	ast_rdlock_contexts();
 
-	strncpy(item.name,context,256);
+	ast_copy_string(item.name, context, sizeof(item.name));
+
 	c = ast_hashtab_lookup(contexts_table,&item);
 	if (c)
 		ret = 0;
@@ -4938,7 +4944,8 @@
 
 	ast_rdlock_contexts();
 
-	strncpy(item.name, context, 256);
+	ast_copy_string(item.name, context, sizeof(item.name));
+
 	c = ast_hashtab_lookup(contexts_table,&item);
 	if (c)
 		ret = 0;
@@ -6309,7 +6316,7 @@
 										   0);
 	}
 	
-	strncpy(search.name,name,sizeof(search.name));
+	ast_copy_string(search.name, name, sizeof(search.name));
 	if (!extcontexts) {
 		ast_rdlock_contexts();
 		local_contexts = &contexts;
@@ -7540,7 +7547,7 @@
 	
 	if (con->pattern_tree) { /* usually, on initial load, the pattern_tree isn't formed until the first find_exten; so if we are adding
 								an extension, and the trie exists, then we need to incrementally add this pattern to it. */
-		strncpy(dummy_name,extension,sizeof(dummy_name));
+		ast_copy_string(dummy_name, extension, sizeof(dummy_name));
 		dummy_exten.exten = dummy_name;
 		dummy_exten.matchcid = 0;
 		dummy_exten.cidmatch = 0;

More information about the asterisk-commits mailing list