diff options
author | Matthew Jordan <mjordan@digium.com> | 2012-04-17 21:08:05 +0000 |
---|---|---|
committer | Matthew Jordan <mjordan@digium.com> | 2012-04-17 21:08:05 +0000 |
commit | 3934b0478d4962a81fcc5d20b75dbfc3aceb398e (patch) | |
tree | 37f41a23b3e1235452f869ab094cbe1923a2b3a0 /main/asterisk.c | |
parent | 2cc415417e722bdf360a63935f0beb24fb8fc047 (diff) |
Fix places in main where a negative return value could impact execution
This patch addresses a number of modules in main that did not handle the
negative return value from function calls adequately, or were not sufficiently
clear that the conditions leading to improper handling of the return values
could not occur. This includes:
* asterisk.c: A negative return value from the read function would be used
directly as an index into a buffer. We now check for success of the read
function prior to using its result as an index.
* manager.c: Check for failures in mkstemp and lseek when handling the
temporary file created for processing data returned from a CLI command in
action_command. Also check that the result of an lseek is sanitized prior
to using it as the size of a memory map to allocate.
(issue ASTERISK-19655)
Reported by: Matt Jordan
Review: https://reviewboard.asterisk.org/r/1863/
........
Merged revisions 362359 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 362360 from http://svn.asterisk.org/svn/asterisk/branches/10
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@362361 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Diffstat (limited to 'main/asterisk.c')
-rw-r--r-- | main/asterisk.c | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/main/asterisk.c b/main/asterisk.c index 902a285bf..aaa9d03fc 100644 --- a/main/asterisk.c +++ b/main/asterisk.c @@ -2311,6 +2311,7 @@ static int ast_el_read_char(EditLine *editline, char *cp) quit_handler(0, SHUTDOWN_FAST, 0); } } + continue; } buf[res] = '\0'; @@ -2621,7 +2622,9 @@ static char *cli_complete(EditLine *editline, int ch) if (ast_opt_remote) { snprintf(buf, sizeof(buf), "_COMMAND NUMMATCHES \"%s\" \"%s\"", lf->buffer, ptr); fdsend(ast_consock, buf); - res = read(ast_consock, buf, sizeof(buf) - 1); + if ((res = read(ast_consock, buf, sizeof(buf) - 1)) < 0) { + return (char*)(CC_ERROR); + } buf[res] = '\0'; nummatches = atoi(buf); |