git.ipfire.org Git - thirdparty/asterisk.git/commit

author	Richard Mudgett <rmudgett@digium.com>
	Tue, 3 Oct 2017 21:19:52 +0000 (16:19 -0500)
committer	George Joseph <gjoseph@digium.com>
	Wed, 8 Nov 2017 12:38:57 +0000 (05:38 -0700)
commit	178b372019b9a324034f0e3d6a34b67d616bd284
tree	45fc78213eb9f2eed807f75b5cf003c9da071296	tree
parent	1ee2ce8c703dd763d1779a877099640bb5cd46d0	commit \| diff

AST-2017-010: Fix cdr_object_update_party_b_userfield_cb() buf overrun

cdr_object_update_party_b_userfield_cb() could overrun the fixed buffer if
the supplied string is too long. The long string could be supplied by
external means using the CDR(userfield) function.

This may seem reminiscent to AST-2017-001 (ASTERISK_26897) and it is. The
earlier patch fixed the buffer overrun for Party A's userfield while this
patch fixes the same thing for Party B's userfield.

ASTERISK-27337

Change-Id: I0fa767f65ecec7e676ca465306ff9e0edbf3b652