mirror of
https://github.com/asterisk/asterisk.git
synced 2026-07-04 05:55:58 -07:00
eb0d0eb4d1
When reading configuration data from an Asterisk .conf file or when pulling data from an Asterisk RealTime backend, Asterisk was copying the data on the stack for manipulation. Unfortunately, it is possible to read configuration data or realtime data from some data source that provides a large blob of characters. This could potentially cause a crash via a stack overflow. This patch prevents large sets of data from being read from an ARA backend or from an Asterisk conf file. (issue ASTERISK-20658) Reported by: wdoekes Tested by: wdoekes, mmichelson patches: * issueA20658_dont_process_overlong_config_lines.patch uploaded by wdoekes (license 5674) * issueA20658_func_realtime_limit.patch uploaded by wdoekes (license 5674) git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.8@378375 65c4cc65-6c06-0410-ace0-fbb531ad65f3