[svn-commits] coreyfarrell: branch 1.8 r415060 -	/branches/1.8/apps/app_confbridge.c
    SVN commits to the Digium repositories 
    svn-commits at lists.digium.com
       
    Wed Jun  4 02:18:12 CDT 2014
    
    
  
Author: coreyfarrell
Date: Wed Jun  4 02:18:05 2014
New Revision: 415060
URL: http://svnview.digium.com/svn/asterisk?view=rev&rev=415060
Log:
app_confbridge: Correct verification of conference name length
Conference names were not checked for maximum length, allowing unexpected
behaviour.  This change adds checking to ensure the maximum length is not
exceeded.  The maximum length is also changed from 32 to AST_MAX_EXTENSION.
ASTERISK-23035 #close
Reported by: Iñaki Cívico
Tested by: Iñaki Cívico
Patches:
    confbridge-enforce_max-1.8.patch uploaded by coreyfarrell (license 5909)
    confbridge-enforce_max-11up.patch uploaded by coreyfarrell (license 5909)
Modified:
    branches/1.8/apps/app_confbridge.c
Modified: branches/1.8/apps/app_confbridge.c
URL: http://svnview.digium.com/svn/asterisk/branches/1.8/apps/app_confbridge.c?view=diff&rev=415060&r1=415059&r2=415060
==============================================================================
--- branches/1.8/apps/app_confbridge.c (original)
+++ branches/1.8/apps/app_confbridge.c Wed Jun  4 02:18:05 2014
@@ -149,7 +149,7 @@
 });
 
 /* Maximum length of a conference bridge name */
-#define MAX_CONF_NAME 32
+#define MAX_CONF_NAME AST_MAX_EXTENSION
 
 /* Number of buckets our conference bridges container can have */
 #define CONFERENCE_BRIDGE_BUCKETS 53
@@ -735,15 +735,20 @@
 		AST_APP_ARG(options);
 	);
 
-	if (ast_strlen_zero(data)) {
+	/* We need to make a copy of the input string if we are going to modify it! */
+	parse = ast_strdupa(data);
+
+	AST_STANDARD_APP_ARGS(args, parse);
+
+	if (ast_strlen_zero(args.conf_name)) {
 		ast_log(LOG_WARNING, "%s requires an argument (conference name[,options])\n", app);
 		return -1;
 	}
 
-	/* We need to make a copy of the input string if we are going to modify it! */
-	parse = ast_strdupa(data);
-
-	AST_STANDARD_APP_ARGS(args, parse);
+	if (strlen(args.conf_name) >= MAX_CONF_NAME) {
+		ast_log(LOG_WARNING, "%s does not accept conference names longer than %d\n", app, MAX_CONF_NAME - 1);
+		return -1;
+	}
 
 	if (args.argc == 2) {
 		ast_app_parse_options(app_opts, &conference_bridge_user.flags, conference_bridge_user.opt_args, args.options);
    
    
More information about the svn-commits
mailing list