From: Mark Michelson <mmichelson@digium.com>
Date: Fri, 20 Jan 2012 20:26:55 +0000 (+0000)
Subject: Prevent potential buffer overflow on AMI MixMonitor command.
X-Git-Tag: 11.0.0-beta1~759
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=b98a25ef93a296263b5e22f6c81efb8fd6186031;p=thirdparty%2Fasterisk.git

Prevent potential buffer overflow on AMI MixMonitor command.

Don't be alarmed. This only affected trunk, and it would have
required manager access to your system.



git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@351900 65c4cc65-6c06-0410-ace0-fbb531ad65f3
---

diff --git a/apps/app_mixmonitor.c b/apps/app_mixmonitor.c
index b7d40f3f76..99dc7a4a89 100644
--- a/apps/app_mixmonitor.c
+++ b/apps/app_mixmonitor.c
@@ -923,9 +923,7 @@ static int manager_mixmonitor(struct mansession *s, const struct message *m)
 		return AMI_SUCCESS;
 	}
 
-	strcpy(args, file);
-	strcat(args, ",");
-	strcat(args, options);
+	snprintf(args, sizeof(args), "%s,%s", file, options);
 
 	ast_channel_lock(c);
 	res = mixmonitor_exec(c, args);