mirror of
https://github.com/asterisk/asterisk.git
synced 2026-06-30 20:19:42 -07:00
ooh323: Prevent potential buffer overflow in trace logging
Replace a call to vsprintf with a call to ast_vasprintf to prevent a possible buffer overflow. Resolves: #GHSA-x348-j6c9-77f3
This commit is contained in:
committed by
George Joseph
parent
9724288770
commit
70b0abcd03
@@ -43,13 +43,17 @@ void ooTrace(OOUINT32 traceLevel, const char * fmtspec, ...) __attribute__((form
|
||||
|
||||
void ooTrace(OOUINT32 traceLevel, const char * fmtspec, ...) {
|
||||
va_list arglist;
|
||||
char logMessage[MAXLOGMSGLEN];
|
||||
char *logMessage = NULL;
|
||||
int res = 0;
|
||||
if(traceLevel > gs_traceLevel) return;
|
||||
va_start (arglist, fmtspec);
|
||||
/* memset(logMessage, 0, MAXLOGMSGLEN);*/
|
||||
vsprintf(logMessage, fmtspec, arglist);
|
||||
res = ast_vasprintf(&logMessage, fmtspec, arglist);
|
||||
va_end(arglist);
|
||||
if (res < 0 || !logMessage) {
|
||||
return;
|
||||
}
|
||||
ooTraceLogMessage(logMessage);
|
||||
ast_free(logMessage);
|
||||
}
|
||||
|
||||
void ooTraceLogMessage(const char * logMessage)
|
||||
|
||||
Reference in New Issue
Block a user