res_crypto.c: Gracefully handle potential key filename truncation.

author Sean Bright <sean@seanbright.com>

Mon, 5 Jun 2023 14:49:11 +0000 (10:49 -0400)

committer asterisk-org-access-app[bot] <120671045+asterisk-org-access-app[bot]@users.noreply.github.com>

Mon, 12 Jun 2023 17:20:31 +0000 (17:20 +0000)
author Sean Bright <sean@seanbright.com>
Mon, 5 Jun 2023 14:49:11 +0000 (10:49 -0400)
committer asterisk-org-access-app[bot] <120671045+asterisk-org-access-app[bot]@users.noreply.github.com>
Mon, 12 Jun 2023 17:20:31 +0000 (17:20 +0000)
diff --git a/res/res_crypto.c b/res/res_crypto.c

index 838e3a3de323010c4240ace7fadc993aef7699ae..41ca143331039baae7a798c20028e0a08a5ce696 100644 (file)
--- a/res/res_crypto.c
+++ b/res/res_crypto.c
@@ -196,7 +196,14 @@ static struct ast_key *try_load_key(const char *dir, const char *fname, int ifd,
         }
  
         /* Get actual filename */
-       snprintf(ffname, sizeof(ffname), "%s/%s", dir, fname);
+       n = snprintf(ffname, sizeof(ffname), "%s/%s", dir, fname);
+       if (n >= sizeof(ffname)) {
+               ast_log(LOG_WARNING,
+                       "Key filenames can be up to %zu bytes long, but the filename for the"
+                       " key we are currently trying to load (%s/%s) is %d bytes long.",
+                       sizeof(ffname) - 1, dir, fname, n);
+               return NULL;
+       }
  
         /* Open file */
         if (!(f = fopen(ffname, "r"))) {
author	Sean Bright <sean@seanbright.com>
	Mon, 5 Jun 2023 14:49:11 +0000 (10:49 -0400)
committer	asterisk-org-access-app[bot] <120671045+asterisk-org-access-app[bot]@users.noreply.github.com>
	Mon, 12 Jun 2023 17:20:31 +0000 (17:20 +0000)