diff options
| author | Corey Farrell <git@cfware.com> | 2014-06-04 07:27:21 +0000 |
|---|---|---|
| committer | Corey Farrell <git@cfware.com> | 2014-06-04 07:27:21 +0000 |
| commit | db2ee74883e3476152f16882c6b4d0dd21bdbe4a (patch) | |
| tree | 24d27730efa4847e4ade9da37b866f3c3d157766 | |
| parent | 795af210a38697b6ca5a0ebf00882f89b9b109a1 (diff) | |
app_confbridge: Correct verification of conference name length
Conference names were not checked for maximum length, allowing unexpected
behaviour. This change adds checking to ensure the maximum length is not
exceeded. The maximum length is also changed from 32 to AST_MAX_EXTENSION.
ASTERISK-23035 #close
Reported by: Iñaki Cívico
Tested by: Iñaki Cívico
Patches:
confbridge-enforce_max-1.8.patch uploaded by coreyfarrell (license 5909)
confbridge-enforce_max-11up.patch uploaded by coreyfarrell (license 5909)
........
Merged revisions 415060 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 415066 from http://svn.asterisk.org/svn/asterisk/branches/11
........
Merged revisions 415078 from http://svn.asterisk.org/svn/asterisk/branches/12
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@415080 65c4cc65-6c06-0410-ace0-fbb531ad65f3
| -rw-r--r-- | apps/app_confbridge.c | 17 | ||||
| -rw-r--r-- | apps/confbridge/include/confbridge.h | 2 |
2 files changed, 13 insertions, 6 deletions
diff --git a/apps/app_confbridge.c b/apps/app_confbridge.c index bf8773d32..fee8643bb 100644 --- a/apps/app_confbridge.c +++ b/apps/app_confbridge.c @@ -1593,17 +1593,24 @@ static int confbridge_exec(struct ast_channel *chan, const char *data) goto confbridge_cleanup; } - if (ast_strlen_zero(data)) { + /* We need to make a copy of the input string if we are going to modify it! */ + parse = ast_strdupa(data); + + AST_STANDARD_APP_ARGS(args, parse); + + if (ast_strlen_zero(args.conf_name)) { pbx_builtin_setvar_helper(chan, "CONFBRIDGE_RESULT", "FAILED"); ast_log(LOG_WARNING, "%s requires an argument (conference name[,options])\n", app); res = -1; goto confbridge_cleanup; } - /* We need to make a copy of the input string if we are going to modify it! */ - parse = ast_strdupa(data); - - AST_STANDARD_APP_ARGS(args, parse); + if (strlen(args.conf_name) >= MAX_CONF_NAME) { + pbx_builtin_setvar_helper(chan, "CONFBRIDGE_RESULT", "FAILED"); + ast_log(LOG_WARNING, "%s does not accept conference names longer than %d\n", app, MAX_CONF_NAME - 1); + res = -1; + goto confbridge_cleanup; + } /* bridge profile name */ if (args.argc > 1 && !ast_strlen_zero(args.b_profile_name)) { diff --git a/apps/confbridge/include/confbridge.h b/apps/confbridge/include/confbridge.h index ce6253744..4e155e621 100644 --- a/apps/confbridge/include/confbridge.h +++ b/apps/confbridge/include/confbridge.h @@ -31,7 +31,7 @@ #include "conf_state.h" /* Maximum length of a conference bridge name */ -#define MAX_CONF_NAME 32 +#define MAX_CONF_NAME AST_MAX_EXTENSION /* Maximum length of a conference pin */ #define MAX_PIN 80 |