[Asterisk-code-review] app_voicemail_odbc: Fix string overflow warning. (asterisk[master])
N A
asteriskteam at digium.com
Mon Nov 14 07:14:06 CST 2022
N A has uploaded this change for review. ( https://gerrit.asterisk.org/c/asterisk/+/19563 )
Change subject: app_voicemail_odbc: Fix string overflow warning.
......................................................................
app_voicemail_odbc: Fix string overflow warning.
When using ast_copy_string, gcc complains about
a potential negative offset, so use strncpy instead.
Additionally, although it doesn't currently complain
about it, the size of a buffer is increased to
accomodate the maximum size contents it could have.
ASTERISK-30240 #close
Change-Id: I8eecedf14d3f2a75864797f802277cac89a32877
---
M apps/app_voicemail.c
1 file changed, 23 insertions(+), 3 deletions(-)
git pull ssh://gerrit.asterisk.org:29418/asterisk refs/changes/63/19563/1
diff --git a/apps/app_voicemail.c b/apps/app_voicemail.c
index 510e15d..5c7dea9 100644
--- a/apps/app_voicemail.c
+++ b/apps/app_voicemail.c
@@ -4482,14 +4482,16 @@
static int remove_file(char *dir, int msgnum)
{
char fn[PATH_MAX];
- char full_fn[PATH_MAX];
+ char full_fn[PATH_MAX + 4];
char msgnums[80];
if (msgnum > -1) {
snprintf(msgnums, sizeof(msgnums), "%d", msgnum);
make_file(fn, sizeof(fn), dir, msgnum);
- } else
- ast_copy_string(fn, dir, sizeof(fn));
+ } else {
+ strncpy(fn, dir, sizeof(fn));
+ fn[sizeof(fn) - 1] = '\0';
+ }
ast_filedelete(fn, NULL);
snprintf(full_fn, sizeof(full_fn), "%s.txt", fn);
unlink(full_fn);
--
To view, visit https://gerrit.asterisk.org/c/asterisk/+/19563
To unsubscribe, or for help writing mail filters, visit https://gerrit.asterisk.org/settings
Gerrit-Project: asterisk
Gerrit-Branch: master
Gerrit-Change-Id: I8eecedf14d3f2a75864797f802277cac89a32877
Gerrit-Change-Number: 19563
Gerrit-PatchSet: 1
Gerrit-Owner: N A <asterisk at phreaknet.org>
Gerrit-MessageType: newchange
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-code-review/attachments/20221114/7b718a64/attachment.html>
More information about the asterisk-code-review
mailing list