From: Matthew Jordan Date: Fri, 3 Jan 2014 21:13:30 +0000 (+0000) Subject: res_pjsip_authenticator_digest: Fix md5 hash buffer X-Git-Tag: 13.0.0-beta1~684 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=c6df713da7c279723370a59bc13a459260a89a63;p=thirdparty%2Fasterisk.git res_pjsip_authenticator_digest: Fix md5 hash buffer An md5 hash is 32 bytes long. The char buffer must be at least 33 bytes to avoid clobbering of the stack. This patch also fixes a potential clobbering in test_utils.c. Thanks to Andrew Nagy for reporting and testing this out in #asterisk-dev Reported by: Andrew Nagy Tested by: Andrew Nagy ........ Merged revisions 404843 from http://svn.asterisk.org/svn/asterisk/branches/12 git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@404844 65c4cc65-6c06-0410-ace0-fbb531ad65f3 --- diff --git a/res/res_pjsip_authenticator_digest.c b/res/res_pjsip_authenticator_digest.c index e0f633fceb..3485a69af2 100644 --- a/res/res_pjsip_authenticator_digest.c +++ b/res/res_pjsip_authenticator_digest.c @@ -200,7 +200,7 @@ static int build_nonce(struct ast_str **nonce, const char *timestamp, const pjsi { struct ast_str *str = ast_str_alloca(256); RAII_VAR(char *, eid, ao2_global_obj_ref(entity_id), ao2_cleanup); - char hash[32]; + char hash[33]; ast_str_append(&str, 0, "%s", timestamp); ast_str_append(&str, 0, ":%s", rdata->pkt_info.src_name); diff --git a/tests/test_utils.c b/tests/test_utils.c index f956e5b27b..9150fccf41 100644 --- a/tests/test_utils.c +++ b/tests/test_utils.c @@ -202,7 +202,7 @@ AST_TEST_DEFINE(md5_test) ast_test_status_update(test, "Testing MD5 ...\n"); for (i = 0; i < ARRAY_LEN(tests); i++) { - char md5_hash[32]; + char md5_hash[33]; ast_md5_hash(md5_hash, tests[i].input); if (strcasecmp(md5_hash, tests[i].expected_output)) { ast_test_status_update(test,