This patch fixes two problems pointed out by a static analysis tool.
* In chan_dahdi, when an event is handled the index of the sub channel is first
obtained. In very off nominal cases, the method that determines the index
can return a negative value. In the event handling code, whether or not
the index returned is valid was being checked after that value was used to
index into an array. This patch makes it so the value is checked before
any indexing is done.
* In res_calendar_ews, sizeof was being passed a pointer instead of the struct to
determine the amount of memory to allocate.
(issue ASTERISK-19651)
Reported by: Matt Jordan
(closes issue ASTERISK-19671)
Reported by: Matt Jordan
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.8@366740
65c4cc65-6c06-0410-ace0-
fbb531ad65f3
struct ast_frame *f;
idx = dahdi_get_index(ast, p, 0);
+ if (idx < 0) {
+ return &ast_null_frame;
+ }
mysig = p->sig;
if (p->outsigmod > -1)
mysig = p->outsigmod;
p->subs[idx].f.data.ptr = NULL;
f = &p->subs[idx].f;
- if (idx < 0)
- return &p->subs[idx].f;
if (p->fake_event) {
res = p->fake_event;
p->fake_event = 0;
/* Event UID */
if (ctx->op == XML_OP_FIND) {
struct calendar_id *id;
- if (!(id = ast_calloc(1, sizeof(id)))) {
+ if (!(id = ast_calloc(1, sizeof(*id)))) {
return NE_XML_ABORT;
}
if (!(id->id = ast_str_create(256))) {
projects / thirdparty / asterisk.git / commitdiff
