Summary: | ASTERISK-01146: [patch] app_voicemail strncpy() auditing | ||
Reporter: | fossil (fossil) | Labels: | |
Date Opened: | 2004-03-03 20:06:39.000-0600 | Date Closed: | 2008-01-15 14:46:21.000-0600 |
Priority: | Minor | Regression? | No |
Status: | Closed/Complete | Components: | Core/General |
Versions: | Frequency of Occurrence | ||
Related Issues: | |||
Environment: | Attachments: | ( 0) app_voicemail.patch | |
Description: | Some strncpy()s in app_voicemail.c can potentially not null-term certain strings/struct members. Patch attached. | ||
Comments: | By: fossil (fossil) 2004-03-03 20:23:35.000-0600 Some macro that does strncpy(dst, src, sizeof(dst) - 1); dst[sizeof(dst) - 1] = 0; should probably be used instead of all those *trivial* strncpy()s. This macro would properly null-term every copied string, just in case. Although, such macro can be dangerous when one forgets what it does. By: Mark Spencer (markster) 2004-03-08 00:12:40.000-0600 Fixed in CVS. Good eye! By: Digium Subversion (svnbot) 2008-01-15 14:46:20.000-0600 Repository: asterisk Revision: 2370 U trunk/apps/app_voicemail.c ------------------------------------------------------------------------ r2370 | markster | 2008-01-15 14:46:20 -0600 (Tue, 15 Jan 2008) | 2 lines Fix strncpy auditing (bug ASTERISK-1146) ------------------------------------------------------------------------ http://svn.digium.com/view/asterisk?view=rev&revision=2370 By: Digium Subversion (svnbot) 2008-01-15 14:46:21.000-0600 Repository: asterisk Revision: 2371 U branches/v1-0_stable/apps/app_voicemail.c ------------------------------------------------------------------------ r2371 | markster | 2008-01-15 14:46:21 -0600 (Tue, 15 Jan 2008) | 2 lines Fix strncpy auditing (bug ASTERISK-1146) ------------------------------------------------------------------------ http://svn.digium.com/view/asterisk?view=rev&revision=2371 |