From f741decf40e33b06e9c7d543dceef84d2bdf1d13 Mon Sep 17 00:00:00 2001 From: Russell Bryant Date: Tue, 2 Oct 2007 14:12:35 +0000 Subject: [PATCH] Use snprintf instead of sprintf in one place. There is no vulnerability here due to various buffer sizes around the code, but I still didn't like seeing a non length-limited copy of data coming off of the wire into a stack buffer, as this would be a problem in the future if buffer sizes elsewhere got changed or size limitations removed ... git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.4@84370 65c4cc65-6c06-0410-ace0-fbb531ad65f3 --- channels/chan_sip.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/channels/chan_sip.c b/channels/chan_sip.c index 4b7d3a8899..98e10c5fa1 100644 --- a/channels/chan_sip.c +++ b/channels/chan_sip.c @@ -6939,7 +6939,7 @@ static int transmit_invite(struct sip_pvt *p, int sipmethod, int sdp, int init) if (!ast_strlen_zero(p->refer->refer_to)) add_header(&req, "Refer-To", p->refer->refer_to); if (!ast_strlen_zero(p->refer->referred_by)) { - sprintf(buf, "%s <%s>", p->refer->referred_by_name, p->refer->referred_by); + snprintf(buf, sizeof(buf), "%s <%s>", p->refer->referred_by_name, p->refer->referred_by); add_header(&req, "Referred-By", buf); } }