git.ipfire.org Git - thirdparty/asterisk.git/commit

author	Richard Mudgett <rmudgett@digium.com>
	Tue, 3 Oct 2017 21:19:52 +0000 (16:19 -0500)
committer	George Joseph <gjoseph@digium.com>
	Wed, 8 Nov 2017 12:39:47 +0000 (05:39 -0700)
commit	9670040e2eac80978f4ecbc0cbae341adcbcf39b
tree	f4581573340f3537801c2c02196d4c2c4e8d72e3	tree \| snapshot
parent	9c7c441a0fa70b4a5cbec4588f8a658c717849e5	commit \| diff

AST-2017-010: Fix cdr_object_update_party_b_userfield_cb() buf overrun

cdr_object_update_party_b_userfield_cb() could overrun the fixed buffer if
the supplied string is too long. The long string could be supplied by
external means using the CDR(userfield) function.

This may seem reminiscent to AST-2017-001 (ASTERISK_26897) and it is. The
earlier patch fixed the buffer overrun for Party A's userfield while this
patch fixes the same thing for Party B's userfield.

ASTERISK-27337

Change-Id: I0fa767f65ecec7e676ca465306ff9e0edbf3b652