]> git.ipfire.org Git - thirdparty/asterisk.git/commitdiff
projects / thirdparty / asterisk.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 43621b0)
Prevent potential buffer overflow on AMI MixMonitor command.
authorMark Michelson <mmichelson@digium.com>
Fri, 20 Jan 2012 20:26:55 +0000 (20:26 +0000)
committerMark Michelson <mmichelson@digium.com>
Fri, 20 Jan 2012 20:26:55 +0000 (20:26 +0000)
Don't be alarmed. This only affected trunk, and it would have
required manager access to your system.

git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@351900 65c4cc65-6c06-0410-ace0-fbb531ad65f3

apps/app_mixmonitor.c patch | blob | blame | history

diff --git a/apps/app_mixmonitor.c b/apps/app_mixmonitor.c
index b7d40f3f76b00bb295a760ac2e9ee9d5f2272e77..99dc7a4a89eb639e2d9c1ab6fccc7b03d8891f66 100644 (file)
--- a/apps/app_mixmonitor.c
+++ b/apps/app_mixmonitor.c
@@ -923,9 +923,7 @@ static int manager_mixmonitor(struct mansession *s, const struct message *m)
                return AMI_SUCCESS;
        }
 
-       strcpy(args, file);
-       strcat(args, ",");
-       strcat(args, options);
+       snprintf(args, sizeof(args), "%s,%s", file, options);
 
        ast_channel_lock(c);
        res = mixmonitor_exec(c, args);
Mirror of https://github.com/asterisk/asterisk.git