sysmocom
/
asterisk
11
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Perform proper heap bounds checking on skinny messages (bug #1726) 

git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@3085 65c4cc65-6c06-0410-ace0-fbb531ad65f3
This commit is contained in:
Mark Spencer 2004-05-26 23:15:23 +00:00
parent fdb8ffe20d
commit ec14976ac3
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
channels/chan_skinny.c
View File

@ -2261,6 +2261,8 @@ static int get_input(struct skinnysession *s)
return -1;
}
dlen = *(int *)s->inbuf;
if (dlen+8 > sizeof(s->inbuf))
dlen = sizeof(s->inbuf) - 8;
res = read(s->fd, s->inbuf+4, dlen+4);
ast_mutex_unlock(&s->lock);
if (res != (dlen+4)) {