-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviewboard.asterisk.org/r/4182/#review13752
-----------------------------------------------------------


I typically take issue with patches like this because it's not actually fixing 
where the crash is occurring. As you said in the review, it reduces the chance 
of the bug occurring, but it has not mended the defect.

- Mark Michelson


On Nov. 13, 2014, 8:31 p.m., Scott Griepentrog wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviewboard.asterisk.org/r/4182/
> -----------------------------------------------------------
> 
> (Updated Nov. 13, 2014, 8:31 p.m.)
> 
> 
> Review request for Asterisk Developers.
> 
> 
> Repository: Asterisk
> 
> 
> Description
> -------
> 
> When connecting to the remote console, an identifier string is first provided 
> that consists of hostname/pid/version.  This is parsed by the remote instance 
> in a buffer allocated to only 80 bytes.  It is possible for a combination of 
> very long hostname and very long asterisk version number to be greater than 
> 80 characters, causing the parsing to fall off the end of the allocated 
> memory buffer and potentially crash.
> 
> This change increases the buffer from 80 to 256 to significantly reduce that 
> possibility.
> 
> 
> Diffs
> -----
> 
>   /branches/13/main/asterisk.c 427813 
> 
> Diff: https://reviewboard.asterisk.org/r/4182/diff/
> 
> 
> Testing
> -------
> 
> It stopped crashing on a repeated test I was running where the atoi of the 
> version # happened to hit the end of the buffer.
> 
> 
> Thanks,
> 
> Scott Griepentrog
> 
>
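
The point raised in this thread, as an added example (not code from the Asterisk source or from the patch under review): parsing a hostname/pid/version identifier with the received length checked against the buffer capacity, so the result does not depend on whether the buffer is 80 or 256 bytes. The names parse_remote_id and struct remote_id, and the sample identifier, are hypothetical.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

struct remote_id { const char *hostname; long pid; const char *version; };

/* Parse "hostname/pid/version" from the len bytes received into buf (capacity
 * cap). Returns 0 on success, -1 if the identifier is malformed or filled the
 * whole buffer, in which case it may have been truncated. */
int parse_remote_id(char *buf, size_t len, size_t cap, struct remote_id *out)
{
    char *pid_s, *ver_s, *end;

    if (len == 0 || len >= cap)         /* no room left for the terminator */
        return -1;
    buf[len] = '\0';                    /* received bytes are not yet a C string */
    buf[strcspn(buf, "\r\n")] = '\0';   /* drop a trailing line ending */
    if ((pid_s = strchr(buf, '/')) == NULL)
        return -1;
    *pid_s++ = '\0';
    if ((ver_s = strchr(pid_s, '/')) == NULL)
        return -1;
    *ver_s++ = '\0';
    if (*buf == '\0' || *ver_s == '\0') /* empty hostname or version */
        return -1;
    errno = 0;
    out->pid = strtol(pid_s, &end, 10); /* unlike atoi, reports bad input */
    if (end == pid_s || *end != '\0' || errno == ERANGE || out->pid <= 0)
        return -1;
    out->hostname = buf;
    out->version = ver_s;
    return 0;
}

int main(void)
{
    /* Constructed sample standing in for the bytes one read() returned. */
    char buf[80] = "pbx1/4242/13.0.0\n";
    struct remote_id id;

    if (parse_remote_id(buf, strlen(buf), sizeof(buf), &id) != 0)
        return 1;
    printf("%s pid=%ld version=%s\n", id.hostname, id.pid, id.version);
    return 0;
}
```

An identifier that fills the buffer is rejected instead of being parsed past the end, whatever size the buffer is.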

asterisk-dev mailing list