From 7369d96f8361c523a7ae4753391a9a7336a89fb8 Mon Sep 17 00:00:00 2001
From: Benny Prijono <bennylp@teluu.com>
Date: Tue, 8 Oct 2013 09:08:13 +0000
Subject: Re #1703: fixing general bugs. First installment: correct handling of
 snprintf return value

git-svn-id: http://svn.pjsip.org/repos/pjproject/trunk@4613 74dad513-b988-da41-8d7b-12977e46ad98
---
 pjsip/src/pjsip-ua/sip_100rel.c | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'pjsip/src/pjsip-ua/sip_100rel.c')

diff --git a/pjsip/src/pjsip-ua/sip_100rel.c b/pjsip/src/pjsip-ua/sip_100rel.c
index 60b989b2..0fb07e79 100644
--- a/pjsip/src/pjsip-ua/sip_100rel.c
+++ b/pjsip/src/pjsip-ua/sip_100rel.c
@@ -344,6 +344,9 @@ PJ_DEF(pj_status_t) pjsip_100rel_create_prack( pjsip_inv_session *inv,
 				 rseq, rdata->msg_info.cseq->cseq,
 				 (int)tsx->method.name.slen,
 				 tsx->method.name.ptr);
+    if (rack.slen < 1 || rack.slen >= (int)sizeof(rack_buf)) {
+	return PJ_ETOOSMALL;
+    }
     rack_hdr = pjsip_generic_string_hdr_create(tdata->pool, &RACK, &rack);
     pjsip_msg_add_hdr(tdata->msg, (pjsip_hdr*) rack_hdr);
 
-- 
cgit v1.2.3