kenmirrors/asterisk
1
0
Fork 0
mirror of https://github.com/asterisk/asterisk.git synced 2025-09-04 11:58:52 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix buffer overflow in slin sample frames generation.

Browse Source 
The length of frames retured by sample functions was twice as large as
real, what caused global buffer overflow caught by AddressSanitizer.

ASTERISK-24717 #close
Reported by: Badalian Vyacheslav

Change-Id: Iec2fe682aef13e556684912f906bedf7c18229c6
This commit is contained in:
Ivan Poddubny
2015-05-31 19:33:37 +03:00
parent bef000dd7c
commit 0a5f8c0d73
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
include/asterisk/slin.h
View File

@@ -62,7 +62,7 @@ static inline struct ast_frame *slin8_sample(void)
{
static struct ast_frame f = {
.frametype = AST_FRAME_VOICE,
.datalen = sizeof(ex_slin8) * 2,
.datalen = sizeof(ex_slin8),
.samples = ARRAY_LEN(ex_slin8),
.mallocd = 0,
.offset = 0,
@@ -79,7 +79,7 @@ static inline struct ast_frame *slin16_sample(void)
{
static struct ast_frame f = {
.frametype = AST_FRAME_VOICE,
.datalen = sizeof(ex_slin16) * 2,
.datalen = sizeof(ex_slin16),
.samples = ARRAY_LEN(ex_slin16),
.mallocd = 0,
.offset = 0,