git.ipfire.org Git - thirdparty/asterisk.git/commit

author	Richard Mudgett <rmudgett@digium.com>
	Tue, 3 Oct 2017 21:19:52 +0000 (16:19 -0500)
committer	George Joseph <gjoseph@digium.com>
	Wed, 8 Nov 2017 12:38:23 +0000 (05:38 -0700)
commit	8f7073be6d08029d222de8a17c5982fa28534e58
tree	05b857bde344ba4b192cec56e6ab258edfab9467	tree \| snapshot
parent	719ac573a6dea452f122da76ba17073dc6ee1164	commit \| diff

AST-2017-010: Fix cdr_object_update_party_b_userfield_cb() buf overrun

cdr_object_update_party_b_userfield_cb() could overrun the fixed buffer if
the supplied string is too long. The long string could be supplied by
external means using the CDR(userfield) function.

This may seem reminiscent to AST-2017-001 (ASTERISK_26897) and it is. The
earlier patch fixed the buffer overrun for Party A's userfield while this
patch fixes the same thing for Party B's userfield.

ASTERISK-27337

Change-Id: I0fa767f65ecec7e676ca465306ff9e0edbf3b652