authorScott Griepentrog <sgriepentrog@digium.com>2014-12-09 20:47:05 +0000
committerScott Griepentrog <sgriepentrog@digium.com>2014-12-09 20:47:05 +0000
commit8fe45f0f0aec2b8f422e992336f23fa5fbe4adbe (patch)
treeeddd8ca5bd70d4bf898f687bfc11c29cecef614b
parentd673209abcd1a80e3c79153fd639bd84d21045e5 (diff)
core: avoid possible asterisk -r crash from long id
When connecting to the remote console, an id string is first provided that consists of the hostname, pid, and version. This is parsed by the remote instance using a buffer that may be too short, and can allow a buffer overrun because it is not terminated. This patch adds termination and a larger buffer. Review: https://reviewboard.asterisk.org/r/4182/ ........ Merged revisions 429223 from http://svn.asterisk.org/svn/asterisk/branches/13 git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@429224 65c4cc65-6c06-0410-ace0-fbb531ad65f3
-rw-r--r--main/asterisk.c4
1 files changed, 2 insertions, 2 deletions
diff --git a/main/asterisk.c b/main/asterisk.c
index 1c6994280..0a5ab1335 100644
--- a/main/asterisk.c
+++ b/main/asterisk.c
@@ -3200,7 +3200,7 @@ static int ast_el_read_history(char *filename)
static void ast_remotecontrol(char *data)
{
- char buf[80];
+ char buf[256] = "";
int res;
char filename[80] = "";
char *hostname;
@@ -3217,7 +3217,7 @@ static void ast_remotecontrol(char *data)
signal(SIGTERM, __remote_quit_handler);
signal(SIGHUP, __remote_quit_handler);
- if (read(ast_consock, buf, sizeof(buf)) < 0) {
+ if (read(ast_consock, buf, sizeof(buf) - 1) < 0) {
ast_log(LOG_ERROR, "read() failed: %s\n", strerror(errno));
return;
}
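Review bot: The NUL terminator for the id string in the second hunk comes only from the `= ""` initializer added in the first hunk, not from the byte count read() returns, so it holds only while buf is filled exactly once and never reused. Storing the count in the already-declared `res` and terminating explicitly would keep the bound local to the call: `res = read(ast_consock, buf, sizeof(buf) - 1);`, then the existing error branch on `res < 0`, then `buf[res] = '\0';`. A return of 0 (peer closed before sending the id) also passes the `< 0` check and hands an empty string to the parsing that follows, which probably deserves its own error path. The body of ast_remotecontrol continues outside both hunks, so later uses of buf are not visible here.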