[asterisk-commits] mmichelson: trunk r351900 - /trunk/apps/app_mixmonitor.c

[SVN commits to the Asterisk project]

Author: mmichelson
Date: Fri Jan 20 14:26:55 2012
New Revision: 351900

URL: http://svnview.digium.com/svn/asterisk?view=rev&rev=351900
Log:
Prevent potential buffer overflow on AMI MixMonitor command.

Don't be alarmed. This only affected trunk, and it would have
required manager access to your system.


Modified:
    trunk/apps/app_mixmonitor.c

Modified: trunk/apps/app_mixmonitor.c
URL: http://svnview.digium.com/svn/asterisk/trunk/apps/app_mixmonitor.c?view=diff&rev=351900&r1=351899&r2=351900
==============================================================================
--- trunk/apps/app_mixmonitor.c (original)
+++ trunk/apps/app_mixmonitor.c Fri Jan 20 14:26:55 2012
@@ -923,9 +923,7 @@
 		return AMI_SUCCESS;
 	}
 
-	strcpy(args, file);
-	strcat(args, ",");
-	strcat(args, options);
+	snprintf(args, sizeof(args), "%s,%s", file, options);
 
 	ast_channel_lock(c);
 	res = mixmonitor_exec(c, args);