kenmirrors/asterisk
1
0
Fork 0
mirror of https://github.com/asterisk/asterisk.git synced 2025-09-29 18:19:30 +00:00
Code Issues Packages Projects Releases Wiki Activity

app_externalivr: Prevent out-of-bounds read during argument processing.

Browse Source 
Resolves: #1422
This commit is contained in:
Sean Bright
2025-09-17 14:27:49 -04:00
committed by github-actions[bot]
parent 3a7d622c63
commit 7b96fff129
1 changed files with 5 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
apps/app_externalivr.c
View File

@@ -424,8 +424,11 @@ static int app_exec(struct ast_channel *chan, const char *data)
AST_APP_ARG(application);
AST_APP_ARG(options);
);
#define MAX_EIVR_APPLICATION_ARGS 32
AST_DECLARE_APP_ARGS(application_args,
AST_APP_ARG(cmd)[32];
AST_APP_ARG(cmd)[MAX_EIVR_APPLICATION_ARGS];
);
u->abort_current_sound = 0;
@@ -458,7 +461,7 @@ static int app_exec(struct ast_channel *chan, const char *data)
/* Put the application + the arguments in a , delimited list */
ast_str_reset(comma_delim_args);
for (j = 0; application_args.cmd[j] != NULL; j++) {
for (j = 0; j < MAX_EIVR_APPLICATION_ARGS && application_args.cmd[j]; j++) {
ast_str_append(&comma_delim_args, 0, "%s%s", j == 0 ? "" : ",", application_args.cmd[j]);
}