Re: [asterisk-dev] [Code Review] 4182: core: avoid rasterisk crash due to long identifier

Fri, 14 Nov 2014 15:04:02 -0800 


> On Nov. 14, 2014, 4:08 p.m., Corey Farrell wrote:
> > /branches/13/main/asterisk.c, line 3203
> > <https://reviewboard.asterisk.org/r/4182/diff/2/?file=68987#file68987line3203>
> >
> >     Does this actually initialize 256 bytes of '\0', or just initialize the 
> > first byte?

Initializing a char array with "" or { 0 } sets the entire array to zero, 
whereas the values are undefined otherwise.


> On Nov. 14, 2014, 4:08 p.m., Corey Farrell wrote:
> > /branches/13/main/asterisk.c, lines 3220-3222
> > <https://reviewboard.asterisk.org/r/4182/diff/2/?file=68987#file68987line3220>
> >
> >     Space around '-'.
> >     
> >     Also why was the return removed?

I have absolutely no idea how that happened other than the vim ghost.


- Scott


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviewboard.asterisk.org/r/4182/#review13777
-----------------------------------------------------------


On Nov. 14, 2014, 5:03 p.m., Scott Griepentrog wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviewboard.asterisk.org/r/4182/
> -----------------------------------------------------------
> 
> (Updated Nov. 14, 2014, 5:03 p.m.)
> 
> 
> Review request for Asterisk Developers.
> 
> 
> Repository: Asterisk
> 
> 
> Description
> -------
> 
> When connecting to the remote console, an identifier string is first provided 
> that consists of hostname/pid/version.  This is parsed by the remote instance 
> in a buffer allocated to only 80 bytes.  It is possible for a combination of 
> very long hostname and very long asterisk version number to be greater than 
> 80 characters, causing the parsing to fall off the end of the allocated 
> memory buffer and potentially crash.
> 
> This change increases the buffer from 80 to 256 to significantly reduce that 
> possibility.
> 
> 
> Diffs
> -----
> 
>   /branches/13/main/asterisk.c 427948 
> 
> Diff: https://reviewboard.asterisk.org/r/4182/diff/
> 
> 
> Testing
> -------
> 
> It stopped crashing on a repeated test I was running where the atoi of the 
> version # happen to hit the end of the buffer.
> 
> 
> Thanks,
> 
> Scott Griepentrog
> 
>


-- 
_____________________________________________________________________
-- Bandwidth and Colocation Provided by http://www.api-digital.com --

asterisk-dev mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-dev

Reply via email to