diff options
author | Matthew Jordan <mjordan@digium.com> | 2014-01-03 21:13:30 +0000 |
---|---|---|
committer | Matthew Jordan <mjordan@digium.com> | 2014-01-03 21:13:30 +0000 |
commit | c6df713da7c279723370a59bc13a459260a89a63 (patch) | |
tree | d56c6bea6477b6b06286c21295eebac30bb6bf4e /res | |
parent | bd4be333fbc484fa5a8bb39e0615fbeed8160777 (diff) |
res_pjsip_authenticator_digest: Fix md5 hash buffer
An md5 hash is 32 bytes long. The char buffer must be at least 33 bytes to
avoid clobbering of the stack. This patch also fixes a potential clobbering
in test_utils.c.
Thanks to Andrew Nagy for reporting and testing this out in #asterisk-dev
Reported by: Andrew Nagy
Tested by: Andrew Nagy
........
Merged revisions 404843 from http://svn.asterisk.org/svn/asterisk/branches/12
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@404844 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Diffstat (limited to 'res')
-rw-r--r-- | res/res_pjsip_authenticator_digest.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/res/res_pjsip_authenticator_digest.c b/res/res_pjsip_authenticator_digest.c index e0f633fce..3485a69af 100644 --- a/res/res_pjsip_authenticator_digest.c +++ b/res/res_pjsip_authenticator_digest.c @@ -200,7 +200,7 @@ static int build_nonce(struct ast_str **nonce, const char *timestamp, const pjsi { struct ast_str *str = ast_str_alloca(256); RAII_VAR(char *, eid, ao2_global_obj_ref(entity_id), ao2_cleanup); - char hash[32]; + char hash[33]; ast_str_append(&str, 0, "%s", timestamp); ast_str_append(&str, 0, ":%s", rdata->pkt_info.src_name); |