[svn-commits] sgriepentrog: branch 13 r429223 -	/branches/13/main/asterisk.c
    SVN commits to the Digium repositories 
    svn-commits at lists.digium.com
       
    Tue Dec  9 14:46:23 CST 2014
    
    
  
Author: sgriepentrog
Date: Tue Dec  9 14:46:17 2014
New Revision: 429223
URL: http://svnview.digium.com/svn/asterisk?view=rev&rev=429223
Log:
core: avoid possible asterisk -r crash from long id
When connecting to the remote console, an id string
is first provided that consists of the hostname, pid,
and version.  This is parsed by the remote instance
using a buffer that may be too short, and can allow
a buffer overrun because it is not terminated. This
patch adds termination and a larger buffer.
Review: https://reviewboard.asterisk.org/r/4182/
Modified:
    branches/13/main/asterisk.c
Modified: branches/13/main/asterisk.c
URL: http://svnview.digium.com/svn/asterisk/branches/13/main/asterisk.c?view=diff&rev=429223&r1=429222&r2=429223
==============================================================================
--- branches/13/main/asterisk.c (original)
+++ branches/13/main/asterisk.c Tue Dec  9 14:46:17 2014
@@ -3200,7 +3200,7 @@
 
 static void ast_remotecontrol(char *data)
 {
-	char buf[80];
+	char buf[256] = "";
 	int res;
 	char filename[80] = "";
 	char *hostname;
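Review bot: in the declarations of ast_remotecontrol(), NUL termination of `buf` now rests entirely on the `= ""` initializer zero-filling the array, which is easy to lose in a later edit; a short comment saying so, or an explicit terminator written after the read, would make the intent durable. Separately, `buf` grows to 256 while `char filename[80]` stays at 80. The log says the id carries the hostname, so if any part of the parsed id is later copied into `filename`, that copy needs to be bounded by `sizeof(filename)`; the visible lines do not show that code.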
@@ -3217,7 +3217,7 @@
 	signal(SIGTERM, __remote_quit_handler);
 	signal(SIGHUP, __remote_quit_handler);
 
-	if (read(ast_consock, buf, sizeof(buf)) < 0) {
+	if (read(ast_consock, buf, sizeof(buf) - 1) < 0) {
 		ast_log(LOG_ERROR, "read() failed: %s\n", strerror(errno));
 		return;
 	}
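Review bot: at the `read(ast_consock, buf, sizeof(buf) - 1)` call the return value is only tested for `< 0` and then discarded, so a return of 0 (peer closed the socket) or a short read falls through to parsing with an empty or partial id. Consider storing the result in the existing `int res`, handling `res == 0` as its own failure case (errno is not meaningful there), and setting `buf[res] = '\0'` so termination does not depend on the initializer. An id longer than 255 bytes is now silently truncated, which deserves a comment at this call.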