kenmirrors/asterisk
1
0
Fork 0
mirror of https://github.com/asterisk/asterisk.git synced 2025-09-05 12:16:00 +00:00
Code Issues Packages Projects Releases Wiki Activity

res_pjsip_registrar.c: Prevent possible buffer overflow with domain aliases

Browse Source 
We're appropriately sizing the id_domain_alias buffer, but then copying the data
into the id_domain one. We were then using the uninitialized id_domain_alias
buffer we just allocated.

This is ASTERISK~28641 adjacent, but significant enough to warrant its own
patch.

Change-Id: I81c38724d18deab8c6573153e2b99dbb6e2f33d9
This commit is contained in:
Sean Bright
2019-12-04 16:12:39 -05:00
parent c0ab241cc0
commit f26e5bacc0
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
res/res_pjsip_registrar.c
View File

@@ -975,7 +975,7 @@ static char *find_aor_name(const char *username, const char *domain, const char
if (alias) {
char *id_domain_alias = ast_alloca(strlen(username) + strlen(alias->domain) + 2);
sprintf(id_domain, "%s@%s", username, alias->domain);
sprintf(id_domain_alias, "%s@%s", username, alias->domain);
ao2_cleanup(alias);
configured_aors = strcpy(aors_buf, aors);/* Safe */