diff options
| author | Russell Bryant <russell@russellbryant.com> | 2008-03-13 20:26:59 +0000 |
|---|---|---|
| committer | Russell Bryant <russell@russellbryant.com> | 2008-03-13 20:26:59 +0000 |
| commit | 432cb904113aa8be1906aa4a1f57694ad8ee2908 (patch) | |
| tree | 469d20dc31e20467d9745f5225bd7b6b287af5c2 | |
| parent | 1a2b358588f3bf907a0d258964342686ad0a228e (diff) | |
Merged revisions 108469 via svnmerge from
https://origsvn.digium.com/svn/asterisk/branches/1.4
........
r108469 | russell | 2008-03-13 15:26:28 -0500 (Thu, 13 Mar 2008) | 4 lines
Fix a couple uses of sprintf. The second one could actually cause an overflow
of a stack buffer. It's not a security issue though, it only depends on your
configuration.
........
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@108472 65c4cc65-6c06-0410-ace0-fbb531ad65f3
| -rw-r--r-- | apps/app_followme.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/apps/app_followme.c b/apps/app_followme.c index 4e83c819f..eeb9f03dc 100644 --- a/apps/app_followme.c +++ b/apps/app_followme.c @@ -779,9 +779,9 @@ static void findmeexec(struct fm_args *tpargs) } if (!strcmp(tpargs->context, "")) - sprintf(dialarg, "%s", number); + snprintf(dialarg, sizeof(dialarg), "%s", number); else - sprintf(dialarg, "%s@%s", number, tpargs->context); + snprintf(dialarg, sizeof(dialarg), "%s@%s", number, tpargs->context); tmpuser = ast_calloc(1, sizeof(*tmpuser)); if (!tmpuser) { |