[Asterisk-cvs] asterisk/channels chan_h323.c,1.70,1.71
markster at lists.digium.com
markster at lists.digium.com
Fri Jul 30 16:15:55 CDT 2004
Update of /usr/cvsroot/asterisk/channels
In directory localhost.localdomain:/tmp/cvs-serv1448/channels
Modified Files:
chan_h323.c
Log Message:
Fix potential overflow in H.323
Index: chan_h323.c
===================================================================
RCS file: /usr/cvsroot/asterisk/channels/chan_h323.c,v
retrieving revision 1.70
retrieving revision 1.71
diff -u -d -r1.70 -r1.71
--- chan_h323.c 22 Jul 2004 04:24:50 -0000 1.70
+++ chan_h323.c 30 Jul 2004 20:01:58 -0000 1.71
@@ -173,6 +173,9 @@
when it's doing something critical. */
AST_MUTEX_DEFINE_STATIC(monlock);
+/* Avoid two chan to pass capabilities simultaneaously to the h323 stack. */
+AST_MUTEX_DEFINE_STATIC(caplock);
+
/* This is the thread for the monitor which checks for input on the channels
which are not currently in use. */
static pthread_t monitor_thread = AST_PTHREADT_NULL;
@@ -423,6 +426,11 @@
ast_log(LOG_DEBUG, "dest=%s, timeout=%d.\n", dest, timeout);
+ if (strlen(dest) > sizeof(called_addr) - 1) {
+ ast_log(LOG_DEBUG, "Destination is too long (%d)\n", strlen(dest));
+ return -1;
+ }
+
if ((c->_state != AST_STATE_DOWN) && (c->_state != AST_STATE_RESERVED)) {
ast_log(LOG_WARNING, "Line is already in use (%s)\n", c->name);
return -1;
@@ -443,8 +451,8 @@
}
/* Build the address to call */
- memset(called_addr, 0, sizeof(dest));
- memcpy(called_addr, dest, sizeof(called_addr));
+ memset(called_addr, 0, sizeof(called_addr));
+ memcpy(called_addr, dest, strlen(dest));
/* Copy callerid, if there is any */
if (c->callerid) {
@@ -890,7 +898,9 @@
}
}
/* pass on our preferred codec to the H.323 stack */
+ ast_mutex_lock(&caplock);
h323_set_capability(format, dtmfmode);
+ ast_mutex_unlock(&caplock);
if (ext) {
strncpy(p->username, ext, sizeof(p->username) - 1);
@@ -1725,6 +1735,7 @@
}
cat = ast_category_browse(cfg, cat);
}
+ ast_destroy(cfg);
/* Register our H.323 aliases if any*/
while (alias) {
@@ -1736,11 +1747,13 @@
}
/* Add some capabilities */
+ ast_mutex_lock(&caplock);
if(h323_set_capability(capability, dtmfmode)) {
ast_log(LOG_ERROR, "Capabilities failure, this is bad.\n");
+ ast_mutex_unlock(&caplock);
return -1;
- }
- ast_destroy(cfg);
+ }
+ ast_mutex_unlock(&caplock);
return 0;
}
More information about the svn-commits
mailing list