kenmirrors/asterisk
1
0
Fork 0
mirror of https://github.com/asterisk/asterisk.git synced 2025-10-12 15:45:18 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix buffer overflow in slin sample frames generation.

Browse Source 
The length of frames retured by sample functions was twice as large as
real, what caused global buffer overflow caught by AddressSanitizer.

ASTERISK-24717 #close
Reported by: Badalian Vyacheslav

Change-Id: Iec2fe682aef13e556684912f906bedf7c18229c6
This commit is contained in:
Ivan Poddubny
2015-05-31 19:33:37 +03:00
parent 857166b5e5
commit 888bb49618
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
include/asterisk/slin.h
View File

@@ -62,7 +62,7 @@ static inline struct ast_frame *slin8_sample(void)
{
static struct ast_frame f = {
.frametype = AST_FRAME_VOICE,
.datalen = sizeof(ex_slin8) * 2,
.datalen = sizeof(ex_slin8),
.samples = ARRAY_LEN(ex_slin8),
.mallocd = 0,
.offset = 0,
@@ -79,7 +79,7 @@ static inline struct ast_frame *slin16_sample(void)
{
static struct ast_frame f = {
.frametype = AST_FRAME_VOICE,
.datalen = sizeof(ex_slin16) * 2,
.datalen = sizeof(ex_slin16),
.samples = ARRAY_LEN(ex_slin16),
.mallocd = 0,
.offset = 0,