Module: kamailio Branch: 5.0 Commit: 0bf66e01329d4cfe8810586bb3735fbb11dbb0e0 URL: https://github.com/kamailio/kamailio/commit/0bf66e01329d4cfe8810586bb3735fbb11dbb0e0
Author: Ovidiu Sas <[email protected]> Committer: Ovidiu Sas <[email protected]> Date: 2019-05-10T10:14:31-04:00 db_text: avoid buffer overflow for large names and/or values in db_text files (cherry picked from commit 20febb28402a2e1ef3c23fda6db0825ae64affc6) --- Modified: src/modules/db_text/dbt_file.c --- Diff: https://github.com/kamailio/kamailio/commit/0bf66e01329d4cfe8810586bb3735fbb11dbb0e0.diff Patch: https://github.com/kamailio/kamailio/commit/0bf66e01329d4cfe8810586bb3735fbb11dbb0e0.patch --- diff --git a/src/modules/db_text/dbt_file.c b/src/modules/db_text/dbt_file.c index 66984bae5a..4a6a8a95e5 100644 --- a/src/modules/db_text/dbt_file.c +++ b/src/modules/db_text/dbt_file.c @@ -124,7 +124,7 @@ dbt_table_p dbt_load_file(const str *tbn, const str *dbn) return NULL; } - buf = pkg_malloc(_db_text_read_buffer_size); + buf = pkg_malloc(_db_text_read_buffer_size+1); if(!buf) { LM_ERR("error allocating read buffer, %i\n", _db_text_read_buffer_size); goto done; @@ -173,6 +173,12 @@ dbt_table_p dbt_load_file(const str *tbn, const str *dbn) if(c==EOF) goto clean; buf[bp++] = c; + if (bp==_db_text_read_buffer_size) { + LM_ERR("Buffer overflow for file [%s] row=[%d] col=[%d] c=[%c]." + " Please increase 'file_buffer_size' param!\n", + path, crow+1, ccol+1, c); + goto clean; + } c = fgetc(fin); } colp = dbt_column_new(buf, bp); @@ -454,6 +460,12 @@ dbt_table_p dbt_load_file(const str *tbn, const str *dbn) } } buf[bp++] = c; + if (bp==_db_text_read_buffer_size) { + LM_ERR("Buffer overflow for file [%s] row=[%d] col=[%d] c=[%c]." + " Please increase 'file_buffer_size' param!\n", + path, crow+1, ccol+1, c); + goto clean; + } c = fgetc(fin); } dtval.val.str_val.s = buf; _______________________________________________ Kamailio (SER) - Development Mailing List [email protected] https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-dev
