|Summary:||ASTERISK-05737: [patch] keypad facility parsing / libpri_copy_string problem|
|Date Opened:||2005-11-29 13:15:13.000-0600||Date Closed:||2005-12-01 11:16:48.000-0600|
|Environment:||Attachments:||( 0) 20051129__bug5889__2.diff.txt|
|Description:||In receive_keypad_facility there is a bug when libpri_copy_string is being called with mylen=1, because the last byte is set to 0 to terminate the string. This makes it impossible to receive any 1 digit sized ie_keypad_facility message (which is the normal length).|
This patch fixes the problem by incrementing mylen if mylen==1. Please apply to cvs head.
|Comments:||By: Tilghman Lesher (tilghman) 2005-11-29 14:15:06.000-0600|
Much simpler fix: the buffer always needs to be one greater than the length of the data, or else the data's last digit will always be truncated.
By: deti (deti) 2005-11-29 14:32:45.000-0600
It's not really simpler because you forgot to make sure that mylen is <= sizeof(call->digitbuf)
By: Tilghman Lesher (tilghman) 2005-11-29 15:08:23.000-0600
In any case, we still need to handle more than just that one case of a single digit.
By: Tilghman Lesher (tilghman) 2005-11-29 15:50:02.000-0600
Not quite true. If somebody sent 2 DTMF digits within the IE, your patch would only allow libpri to receive 1, which is still a bug.
By: deti (deti) 2005-11-29 15:56:03.000-0600
yep, was too blind to see. Tnx.
By: Russell Bryant (russell) 2005-11-30 08:33:59.000-0600
Hey Matt, would you mind taking a look at this? Thanks!
By: Matthew Fredrickson (mattf) 2005-11-30 16:38:36.000-0600
Let's just do it by hand. We probably shouldn't have even used string copy routines for this anyway, especially when we already know the length of the data. That should probably just be a memcpy, and terminate the copied string by hand afterwards. I just fixed it in my local copy, and when I push it to head it should be fixed.
By: Matthew Fredrickson (mattf) 2005-11-30 16:42:55.000-0600
Ok, I just updated it. See if that fixes it for you.
By: deti (deti) 2005-12-01 04:57:06.000-0600
The svn head release works perfectly for me. Thanks.
By: Matthew Fredrickson (mattf) 2005-12-01 11:16:32.000-0600
Fixed in trunk
By: Matthew Fredrickson (mattf) 2005-12-01 11:16:47.000-0600
put in 1.2