Summary: | ASTERISK-13399: [patch] insufficient stringlength checking in action_userevent | ||
Reporter: | Marcus Hunger (fnordian) | Labels: | |
Date Opened: | 2009-01-19 10:18:51.000-0600 | Date Closed: | 2009-01-19 14:10:01.000-0600 |
Priority: | Critical | Regression? | No |
Status: | Closed/Complete | Components: | Core/ManagerInterface |
Versions: | Frequency of Occurrence | ||
Related Issues: | |||
Environment: | Attachments: | ( 0) userevent.patch | |
Description: | hi, there's an error in action_userevent and in userevent_exec which can cause an overflow of a stringbuffer. | ||
Comments: | By: Digium Subversion (svnbot) 2009-01-19 13:49:38.000-0600 Repository: asterisk Revision: 169364 U branches/1.4/apps/app_userevent.c U branches/1.4/main/manager.c ------------------------------------------------------------------------ r169364 | tilghman | 2009-01-19 13:49:38 -0600 (Mon, 19 Jan 2009) | 4 lines Truncate userevents at the end of a line, when the command exceeds the buffer. (closes issue ASTERISK-13399) Reported by: fnordian ------------------------------------------------------------------------ http://svn.digium.com/view/asterisk?view=rev&revision=169364 By: Digium Subversion (svnbot) 2009-01-19 14:05:40.000-0600 Repository: asterisk Revision: 169365 _U trunk/ U trunk/apps/app_userevent.c U trunk/main/manager.c ------------------------------------------------------------------------ r169365 | tilghman | 2009-01-19 14:05:40 -0600 (Mon, 19 Jan 2009) | 11 lines Merged revisions 169364 via svnmerge from https://origsvn.digium.com/svn/asterisk/branches/1.4 ........ r169364 | tilghman | 2009-01-19 13:49:25 -0600 (Mon, 19 Jan 2009) | 4 lines Truncate userevents at the end of a line, when the command exceeds the buffer. (closes issue ASTERISK-13399) Reported by: fnordian ........ ------------------------------------------------------------------------ http://svn.digium.com/view/asterisk?view=rev&revision=169365 By: Digium Subversion (svnbot) 2009-01-19 14:07:54.000-0600 Repository: asterisk Revision: 169366 _U branches/1.6.0/ U branches/1.6.0/apps/app_userevent.c U branches/1.6.0/main/manager.c ------------------------------------------------------------------------ r169366 | tilghman | 2009-01-19 14:07:54 -0600 (Mon, 19 Jan 2009) | 18 lines Merged revisions 169365 via svnmerge from https://origsvn.digium.com/svn/asterisk/trunk ................ r169365 | tilghman | 2009-01-19 14:05:52 -0600 (Mon, 19 Jan 2009) | 11 lines Merged revisions 169364 via svnmerge from https://origsvn.digium.com/svn/asterisk/branches/1.4 ........ r169364 | tilghman | 2009-01-19 13:49:25 -0600 (Mon, 19 Jan 2009) | 4 lines Truncate userevents at the end of a line, when the command exceeds the buffer. (closes issue ASTERISK-13399) Reported by: fnordian ........ ................ ------------------------------------------------------------------------ http://svn.digium.com/view/asterisk?view=rev&revision=169366 By: Digium Subversion (svnbot) 2009-01-19 14:10:01.000-0600 Repository: asterisk Revision: 169368 _U branches/1.6.1/ U branches/1.6.1/apps/app_userevent.c U branches/1.6.1/main/manager.c ------------------------------------------------------------------------ r169368 | tilghman | 2009-01-19 14:10:01 -0600 (Mon, 19 Jan 2009) | 18 lines Merged revisions 169365 via svnmerge from https://origsvn.digium.com/svn/asterisk/trunk ................ r169365 | tilghman | 2009-01-19 14:05:52 -0600 (Mon, 19 Jan 2009) | 11 lines Merged revisions 169364 via svnmerge from https://origsvn.digium.com/svn/asterisk/branches/1.4 ........ r169364 | tilghman | 2009-01-19 13:49:25 -0600 (Mon, 19 Jan 2009) | 4 lines Truncate userevents at the end of a line, when the command exceeds the buffer. (closes issue ASTERISK-13399) Reported by: fnordian ........ ................ ------------------------------------------------------------------------ http://svn.digium.com/view/asterisk?view=rev&revision=169368 |