From 42a70f149df4f001a5bf0276d32df5e2f6534342 Mon Sep 17 00:00:00 2001 From: Russell Bryant Date: Thu, 13 Mar 2008 20:27:24 +0000 Subject: [PATCH] Merged revisions 108472 via svnmerge from https://origsvn.digium.com/svn/asterisk/trunk ................ r108472 | russell | 2008-03-13 15:26:59 -0500 (Thu, 13 Mar 2008) | 12 lines Merged revisions 108469 via svnmerge from https://origsvn.digium.com/svn/asterisk/branches/1.4 ........ r108469 | russell | 2008-03-13 15:26:28 -0500 (Thu, 13 Mar 2008) | 4 lines Fix a couple uses of sprintf. The second one could actually cause an overflow of a stack buffer. It's not a security issue though, it only depends on your configuration. ........ ................ git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.6.0@108474 65c4cc65-6c06-0410-ace0-fbb531ad65f3 --- apps/app_followme.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/apps/app_followme.c b/apps/app_followme.c index c52a702f7c..4985f77265 100644 --- a/apps/app_followme.c +++ b/apps/app_followme.c @@ -782,9 +782,9 @@ static void findmeexec(struct fm_args *tpargs) } if (!strcmp(tpargs->context, "")) - sprintf(dialarg, "%s", number); + snprintf(dialarg, sizeof(dialarg), "%s", number); else - sprintf(dialarg, "%s@%s", number, tpargs->context); + snprintf(dialarg, sizeof(dialarg), "%s@%s", number, tpargs->context); tmpuser = ast_calloc(1, sizeof(*tmpuser)); if (!tmpuser) {