]> git.ipfire.org Git - thirdparty/asterisk.git/commitdiff
projects / thirdparty / asterisk.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 9ff74a2)
Fix a couple uses of sprintf. The second one could actually cause an overflow
authorRussell Bryant <russell@russellbryant.com>
Thu, 13 Mar 2008 20:26:28 +0000 (20:26 +0000)
committerRussell Bryant <russell@russellbryant.com>
Thu, 13 Mar 2008 20:26:28 +0000 (20:26 +0000)
of a stack buffer.  It's not a security issue though, it only depends on your
configuration.

git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.4@108469 65c4cc65-6c06-0410-ace0-fbb531ad65f3

apps/app_followme.c patch | blob | blame | history

diff --git a/apps/app_followme.c b/apps/app_followme.c
index 78f5c70cf4b13ea1ad2897015b0dfe9f4d314997..d383cf989515582392f64046a8bd2c20c5fdf0f9 100644 (file)
--- a/apps/app_followme.c
+++ b/apps/app_followme.c
@@ -818,9 +818,9 @@ static void findmeexec(struct fm_args *tpargs)
                        }
 
                        if (!strcmp(tpargs->context, ""))
-                               sprintf(dialarg, "%s", number);
+                               snprintf(dialarg, sizeof(dialarg), "%s", number);
                        else
-                               sprintf(dialarg, "%s@%s", number, tpargs->context);
+                               snprintf(dialarg, sizeof(dialarg), "%s@%s", number, tpargs->context);
                                        
                        tmpuser = ast_calloc(1, sizeof(*tmpuser));
                        if (!tmpuser) {
Mirror of https://github.com/asterisk/asterisk.git