sysmocom
/
asterisk
11
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

pjsip: prevent memory corruption on creation of xml bodies 

ASTERISK-26776 #close

Change-Id: I884b6f4e8233a355d0be687ec78d41bc0e4d3fd2
This commit is contained in:
Joshua Elson 2017-03-13 14:21:23 -06:00
parent f5603cb1ec
commit 65ad554c98
1 changed files with 24 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
third-party/pjproject/patches/0025-fix-print-xml-crash.patch vendored Normal file
View File

@ -0,0 +1,24 @@
From 1bc5ca699f523bd8e910203a3eb4dee58f366976 Mon Sep 17 00:00:00 2001
From: Joshua Elson <joshelson@gmail.com>
Date: Mon, 20 Mar 2017 19:28:47 -0600
Subject: [PATCH] Prevent memory corruption on xml tag write
---
pjlib-util/src/pjlib-util/xml.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/pjlib-util/src/pjlib-util/xml.c b/pjlib-util/src/pjlib-util/xml.c
index 296b232..b0aad26 100644
--- a/pjlib-util/src/pjlib-util/xml.c
+++ b/pjlib-util/src/pjlib-util/xml.c
@@ -248,6 +248,7 @@ static int xml_print_node( const pj_xml_node *node, int indent,
if (node->content.slen==0 &&
node->node_head.next==(pj_xml_node*)&node->node_head)
{
+ if (SIZE_LEFT() < 3) return -1;
*p++ = ' ';
*p++ = '/';
*p++ = '>';
--
2.10.1 (Apple Git-78)