[asterisk-commits] mnicholson: branch 1.6.2 r301307 - in /branches/1.6.2: ./ main/utils.c
SVN commits to the Asterisk project
asterisk-commits at lists.digium.com
Tue Jan 11 12:42:08 CST 2011
Author: mnicholson
Date: Tue Jan 11 12:42:05 2011
New Revision: 301307
URL: http://svnview.digium.com/svn/asterisk?view=rev&rev=301307
Log:
Merged revisions 301305 via svnmerge from
https://origsvn.digium.com/svn/asterisk/branches/1.4
........
r301305 | mnicholson | 2011-01-11 12:34:40 -0600 (Tue, 11 Jan 2011) | 4 lines
Prevent buffer overflows in ast_uri_encode()
ABE-2705
........
Modified:
branches/1.6.2/ (props changed)
branches/1.6.2/main/utils.c
Propchange: branches/1.6.2/
------------------------------------------------------------------------------
Binary property 'branch-1.4-merged' - no diff available.
Modified: branches/1.6.2/main/utils.c
URL: http://svnview.digium.com/svn/asterisk/branches/1.6.2/main/utils.c?view=diff&rev=301307&r1=301306&r2=301307
==============================================================================
--- branches/1.6.2/main/utils.c (original)
+++ branches/1.6.2/main/utils.c Tue Jan 11 12:42:05 2011
@@ -386,28 +386,27 @@
char *reserved = ";/?:@&=+$,# "; /* Reserved chars */
const char *ptr = string; /* Start with the string */
- char *out = NULL;
- char *buf = NULL;
-
- ast_copy_string(outbuf, string, buflen);
-
- /* If there's no characters to convert, just go through and don't do anything */
- while (*ptr) {
+ char *out = outbuf;
+
+ /* If there's no characters to convert, just go through and copy the string */
+ while (*ptr && out - outbuf < buflen - 1) {
if ((*ptr < 32) || (doreserved && strchr(reserved, *ptr))) {
- /* Oops, we need to start working here */
- if (!buf) {
- buf = outbuf;
- out = buf + (ptr - string) ; /* Set output ptr */
+ if (out - outbuf >= buflen - 3) {
+ break;
}
+
out += sprintf(out, "%%%02x", (unsigned char) *ptr);
- } else if (buf) {
- *out = *ptr; /* Continue copying the string */
+ } else {
+ *out = *ptr; /* copy the character */
out++;
- }
+ }
ptr++;
}
- if (buf)
+
+ if (buflen) {
*out = '\0';
+ }
+
return outbuf;
}
More information about the asterisk-commits
mailing list