[sr-dev] git:3.3: rr: use port. len to check for buffer overflow instead of max port len

Henning Westerholt Fri, 19 Apr 2013 02:05:10 -0700

Module: sip-router
Branch: 3.3
Commit: bcc0888bea5b5e0d105de7e5ebcedc8e1b8836ae
URL:    
http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commit;h=bcc0888bea5b5e0d105de7e5ebcedc8e1b8836ae


Author: Henning Westerholt <[email protected]>
Committer: Henning Westerholt <[email protected]>
Date:   Fri Apr 19 11:04:39 2013 +0200

rr: use port.len to check for buffer overflow instead of max port len

    - reported by Kevin Wojtysiak
    (from commit 28a8b87885e373bee8cc81985277ae718973fdfd)

---

 modules_k/rr/loose.c |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/modules_k/rr/loose.c b/modules_k/rr/loose.c
index f5d869f..c33ae2d 100644
--- a/modules_k/rr/loose.c
+++ b/modules_k/rr/loose.c
@@ -366,7 +366,7 @@ static inline int get_maddr_uri(str *uri, struct sip_uri 
*puri)
                return 0;
 
        /* sip: + maddr + : + port */
-       if( (puri->maddr_val.len) > (127 - 10) )
+       if( (puri->maddr_val.len) > (127 - 6 - puri->port.len) )
        {
                LM_ERR( "Too long maddr parameter\n");
                return RR_ERROR;


_______________________________________________
sr-dev mailing list
[email protected]
http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-dev

[sr-dev] git:3.3: rr: use port. len to check for buffer overflow instead of max port len

Reply via email to