[asterisk-commits] russell: branch 10 r359212 - in /branches/10: ./ apps/ channels/

SVN commits to the Asterisk project asterisk-commits at lists.digium.com
Wed Mar 14 05:04:07 CDT 2012


Author: russell
Date: Wed Mar 14 05:04:03 2012
New Revision: 359212

URL: http://svnview.digium.com/svn/asterisk?view=rev&rev=359212
Log:
Fix invalid reads/writes due to incorrect sizeof().

These few places in the code used sizeof() on h_addr in struct hostent.
This is sizeof(char *).  The correct way to get the size of this address is to
use h_length.  This error would result in reads/writes of 8 bytes instead of 4
on 64-bit machines.
........

Merged revisions 359211 from http://svn.asterisk.org/svn/asterisk/branches/1.8

Modified:
    branches/10/   (props changed)
    branches/10/apps/app_externalivr.c
    branches/10/channels/chan_iax2.c

Propchange: branches/10/
------------------------------------------------------------------------------
Binary property 'branch-1.8-merged' - no diff available.

Modified: branches/10/apps/app_externalivr.c
URL: http://svnview.digium.com/svn/asterisk/branches/10/apps/app_externalivr.c?view=diff&rev=359212&r1=359211&r2=359212
==============================================================================
--- branches/10/apps/app_externalivr.c (original)
+++ branches/10/apps/app_externalivr.c Wed Mar 14 05:04:03 2012
@@ -515,7 +515,7 @@
 		ast_gethostbyname(hostname, &hp);
 		remote_address_tmp.sin_family = AF_INET;
 		remote_address_tmp.sin_port = htons(port);
-		memcpy(&remote_address_tmp.sin_addr.s_addr, hp.hp.h_addr, sizeof(hp.hp.h_addr));
+		memcpy(&remote_address_tmp.sin_addr.s_addr, hp.hp.h_addr, hp.hp.h_length);
 		ast_sockaddr_from_sin(&ivr_desc.remote_address, &remote_address_tmp);
 		if (!(ser = ast_tcptls_client_create(&ivr_desc)) || !(ser = ast_tcptls_client_start(ser))) {
 			goto exit;

Modified: branches/10/channels/chan_iax2.c
URL: http://svnview.digium.com/svn/asterisk/branches/10/channels/chan_iax2.c?view=diff&rev=359212&r1=359211&r2=359212
==============================================================================
--- branches/10/channels/chan_iax2.c (original)
+++ branches/10/channels/chan_iax2.c Wed Mar 14 05:04:03 2012
@@ -4445,7 +4445,7 @@
 				if (!strcasecmp(tmp->name, "host")) {
 					struct ast_hostent ahp;
 					struct hostent *hp;
-					if (!(hp = ast_gethostbyname(tmp->value, &ahp)) || (memcmp(hp->h_addr, &sin->sin_addr, sizeof(hp->h_addr)))) {
+					if (!(hp = ast_gethostbyname(tmp->value, &ahp)) || memcmp(hp->h_addr, &sin->sin_addr, hp->h_length)) {
 						/* No match */
 						ast_variables_destroy(var);
 						var = NULL;
@@ -4557,7 +4557,7 @@
 				if (!strcasecmp(tmp->name, "host")) {
 					struct ast_hostent ahp;
 					struct hostent *hp;
-					if (!(hp = ast_gethostbyname(tmp->value, &ahp)) || (memcmp(hp->h_addr, &sin->sin_addr, sizeof(hp->h_addr)))) {
+					if (!(hp = ast_gethostbyname(tmp->value, &ahp)) || memcmp(hp->h_addr, &sin->sin_addr, hp->h_length)) {
 						/* No match */
 						ast_variables_destroy(var);
 						var = NULL;




More information about the asterisk-commits mailing list