[Asterisk-cvs] asterisk/channels chan_skinny.c,1.27.2.3,1.27.2.4
markster at lists.digium.com
markster at lists.digium.com
Wed May 26 19:03:02 CDT 2004
Update of /usr/cvsroot/asterisk/channels
In directory mongoose.digium.com:/tmp/cvs-serv30245/channels
Modified Files:
Tag: v1-0_stable
chan_skinny.c
Log Message:
Perform proper bounds checking on skinny reads (thanks to johnny at prophecy.net.nz)
Index: chan_skinny.c
===================================================================
RCS file: /usr/cvsroot/asterisk/channels/chan_skinny.c,v
retrieving revision 1.27.2.3
retrieving revision 1.27.2.4
diff -u -d -r1.27.2.3 -r1.27.2.4
--- chan_skinny.c 22 Apr 2004 00:50:11 -0000 1.27.2.3
+++ chan_skinny.c 26 May 2004 23:17:34 -0000 1.27.2.4
@@ -2276,6 +2276,8 @@
return -1;
}
dlen = *(int *)s->inbuf;
+ if (dlen + 8 > sizeof(s->inbuf))
+ dlen = sizeof(s->inbuf) - 8;
res = read(s->fd, s->inbuf+4, dlen+4);
ast_mutex_unlock(&s->lock);
if (res != (dlen+4)) {
More information about the svn-commits
mailing list