From e1e05ad198cea5261146e5bf2d2d5f1d23e54316 Mon Sep 17 00:00:00 2001 From: Mark Michelson Date: Tue, 8 Apr 2008 19:07:38 +0000 Subject: [PATCH] Fix potential buffer overflow that could happen if more than 100 announce files were specified when calling ParkAndAnnounce. This overflow is not exploitable remotely and so there is no need for a security advisory. (closes issue #12386) Reported by: davidw git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.4@113507 65c4cc65-6c06-0410-ace0-fbb531ad65f3 --- apps/app_parkandannounce.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apps/app_parkandannounce.c b/apps/app_parkandannounce.c index b4e9006fb3..0e89c73ac0 100644 --- a/apps/app_parkandannounce.c +++ b/apps/app_parkandannounce.c @@ -211,7 +211,7 @@ static int parkandannounce_exec(struct ast_channel *chan, void *data) tpl_working = template; tpl_current=strsep(&tpl_working, ":"); - while(tpl_current && looptemp < sizeof(tmp)) { + while(tpl_current && looptemp < ARRAY_LEN(tmp)) { tmp[looptemp]=tpl_current; looptemp++; tpl_current=strsep(&tpl_working,":"); -- 2.47.3