<p>Benjamin Keith Ford <strong>submitted</strong> this change.</p><p><a href="https://gerrit.asterisk.org/c/asterisk/+/19650">View Change</a></p><pre style="font-family: monospace,monospace; white-space: pre-wrap;"><span></span><br></pre><div style="white-space:pre-wrap">Approvals:
Benjamin Keith Ford: Looks good to me, approved; Approved for Submit
Friendly Automation: Verified
</div><pre style="font-family: monospace,monospace; white-space: pre-wrap;">ooh323c: not checking for IE minimum length<br><br>When decoding q.931 encoded calling/called number<br>now checking for length being less than minimum required.<br><br>ASTERISK-30103<br><br>Change-Id: I3dcfce0f35eca258dc450f87c92d4d7af402c2e7<br>---<br>M addons/ooh323c/src/ooq931.c<br>1 file changed, 23 insertions(+), 6 deletions(-)<br><br></pre>
<pre style="font-family: monospace,monospace; white-space: pre-wrap;"><span>diff --git a/addons/ooh323c/src/ooq931.c b/addons/ooh323c/src/ooq931.c</span><br><span>index fe8b06e..b7bcba8 100644</span><br><span>--- a/addons/ooh323c/src/ooq931.c</span><br><span>+++ b/addons/ooh323c/src/ooq931.c</span><br><span>@@ -192,11 +192,13 @@</span><br><span> screening indicators ;-) */</span><br><span> if(ie->discriminator == Q931CallingPartyNumberIE)</span><br><span> {</span><br><span style="color: hsl(120, 100%, 40%);">+ int numoffset=1;</span><br><span> OOTRACEDBGB1(" CallingPartyNumber IE = {\n");</span><br><span style="color: hsl(0, 100%, 40%);">- if(ie->length < OO_MAX_NUMBER_LENGTH)</span><br><span style="color: hsl(120, 100%, 40%);">+ if(!(0x80 & ie->data[0])) numoffset = 2;</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span style="color: hsl(120, 100%, 40%);">+ if( (ie->length >= numoffset) &&</span><br><span style="color: hsl(120, 100%, 40%);">+ (ie->length < OO_MAX_NUMBER_LENGTH) )</span><br><span> {</span><br><span style="color: hsl(0, 100%, 40%);">- int numoffset=1;</span><br><span style="color: hsl(0, 100%, 40%);">- if(!(0x80 & ie->data[0])) numoffset = 2;</span><br><span> memcpy(number, ie->data+numoffset,ie->length-numoffset);</span><br><span> number[ie->length-numoffset]='\0';</span><br><span> OOTRACEDBGB2(" %s\n", number);</span><br><span>@@ -204,7 +206,7 @@</span><br><span> ooCallSetCallingPartyNumber(call, number);</span><br><span> }</span><br><span> else{</span><br><span style="color: hsl(0, 100%, 40%);">- OOTRACEERR3("Error:Calling party number too long. (%s, %s)\n",</span><br><span style="color: hsl(120, 100%, 40%);">+ OOTRACEERR3("Error:Calling party number outside range. (%s, %s)\n",</span><br><span> call->callType, call->callToken);</span><br><span> }</span><br><span> OOTRACEDBGB1(" }\n");</span><br><span>@@ -214,7 +216,8 @@</span><br><span> if(ie->discriminator == Q931CalledPartyNumberIE)</span><br><span> {</span><br><span> OOTRACEDBGB1(" CalledPartyNumber IE = {\n");</span><br><span style="color: hsl(0, 100%, 40%);">- if(ie->length < OO_MAX_NUMBER_LENGTH)</span><br><span style="color: hsl(120, 100%, 40%);">+ if( (ie->length >= 1) &&</span><br><span style="color: hsl(120, 100%, 40%);">+ (ie->length < OO_MAX_NUMBER_LENGTH) )</span><br><span> {</span><br><span> memcpy(number, ie->data+1,ie->length-1);</span><br><span> number[ie->length-1]='\0';</span><br><span>@@ -223,7 +226,7 @@</span><br><span> ooCallSetCalledPartyNumber(call, number);</span><br><span> }</span><br><span> else{</span><br><span style="color: hsl(0, 100%, 40%);">- OOTRACEERR3("Error:Calling party number too long. (%s, %s)\n",</span><br><span style="color: hsl(120, 100%, 40%);">+ OOTRACEERR3("Error:Calling party number outside range. (%s, %s)\n",</span><br><span> call->callType, call->callToken);</span><br><span> }</span><br><span> OOTRACEDBGB1(" }\n");</span><br><span></span><br></pre><p>To view, visit <a href="https://gerrit.asterisk.org/c/asterisk/+/19650">change 19650</a>. To unsubscribe, or for help writing mail filters, visit <a href="https://gerrit.asterisk.org/settings">settings</a>.</p><div itemscope itemtype="http://schema.org/EmailMessage"><div itemscope itemprop="action" itemtype="http://schema.org/ViewAction"><link itemprop="url" href="https://gerrit.asterisk.org/c/asterisk/+/19650"/><meta itemprop="name" content="View Change"/></div></div>
<div style="display:none"> Gerrit-Project: asterisk </div>
<div style="display:none"> Gerrit-Branch: certified/18.9 </div>
<div style="display:none"> Gerrit-Change-Id: I3dcfce0f35eca258dc450f87c92d4d7af402c2e7 </div>
<div style="display:none"> Gerrit-Change-Number: 19650 </div>
<div style="display:none"> Gerrit-PatchSet: 2 </div>
<div style="display:none"> Gerrit-Owner: Friendly Automation </div>
<div style="display:none"> Gerrit-Reviewer: Benjamin Keith Ford <bford@digium.com> </div>
<div style="display:none"> Gerrit-Reviewer: Friendly Automation </div>
<div style="display:none"> Gerrit-CC: Michael Bradeen <mbradeen@sangoma.com> </div>
<div style="display:none"> Gerrit-MessageType: merged </div>