From 91bdaa9251578e4768a0d78251e7743e2d065b5f Mon Sep 17 00:00:00 2001 From: Gianluca Merlo Date: Sat, 19 Mar 2016 02:32:51 +0100 Subject: [PATCH] func_aes: fix misuse of strlen on binary data The encryption code for AES_ENCRYPT evaluates the length of the data to be encoded in base64 using strlen. The data is binary, thus the length of it can be underestimated at the first NULL character. Reuse the write pointer offset to evaluate it, instead. ASTERISK-25857 #close Change-Id: If686b5d570473eb926693c73461177b35b13b186 --- funcs/func_aes.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/funcs/func_aes.c b/funcs/func_aes.c index 2e1959cd8f..1d281a7e8d 100644 --- a/funcs/func_aes.c +++ b/funcs/func_aes.c @@ -146,7 +146,7 @@ static int aes_helper(struct ast_channel *chan, const char *cmd, char *data, } if (encrypt) { /* if encrypting encode result to base64 */ - ast_base64encode(buf, (unsigned char *) tmp, strlen(tmp), len); + ast_base64encode(buf, (unsigned char *) tmp, tmpP - tmp, len); } else { memcpy(buf, tmp, len); } -- 2.47.2