[Asterisk-cvs] asterisk pbx.c,1.154.2.12,1.154.2.13
russell at lists.digium.com
russell at lists.digium.com
Thu Jul 28 13:34:22 CDT 2005
Update of /usr/cvsroot/asterisk
In directory mongoose.digium.com:/tmp/cvs-serv4427
Modified Files:
Tag: v1-0
pbx.c
Log Message:
fix potential seg fault when using LEN() with a string greater than 80 characters (bug #4839)
Index: pbx.c
===================================================================
RCS file: /usr/cvsroot/asterisk/pbx.c,v
retrieving revision 1.154.2.12
retrieving revision 1.154.2.13
diff -u -d -r1.154.2.12 -r1.154.2.13
--- pbx.c 14 Jun 2005 18:41:48 -0000 1.154.2.12
+++ pbx.c 28 Jul 2005 17:40:46 -0000 1.154.2.13
@@ -835,21 +835,22 @@
if (c)
headp=&c->varshead;
+
*ret=NULL;
- /* Now we have the variable name on cp3 */
+
if (!strncasecmp(var,"LEN(",4)) { /* ${LEN(<string>)} */
- int len=strlen(var);
- int len_len=4;
- if (strrchr(var,')')) {
- char cp3[80];
- strncpy(cp3, var, sizeof(cp3) - 1);
- cp3[len-len_len-1]='\0';
- sprintf(workspace,"%d",(int)strlen(cp3));
- *ret = workspace;
- } else {
- /* length is zero */
- *ret = "0";
+ char *endparen, *string = ast_strdupa(var + 4);
+ int len = 0;
+ if (!string) {
+ ast_log(LOG_WARNING, "Out of memory!\n");
+ return;
}
+ if ((endparen = strrchr(string,')'))) {
+ *endparen = '\0';
+ len = strlen(string);
+ }
+ sprintf(workspace, "%d", len);
+ *ret = workspace;
} else if ((first=strchr(var,':'))) { /* : Remove characters counting from end or start of string */
strncpy(tmpvar, var, sizeof(tmpvar) - 1);
first = strchr(tmpvar, ':');
More information about the svn-commits
mailing list