[Pkg-voip-commits] r2332 - in asterisk/trunk/debian: . patches
Tzafrir Cohen
tzafrir-guest at costa.debian.org
Wed Aug 30 20:35:02 UTC 2006
Author: tzafrir-guest
Date: 2006-08-30 20:35:01 +0000 (Wed, 30 Aug 2006)
New Revision: 2332
Added:
asterisk/trunk/debian/patches/apprecord_sprintf.dpatch
Modified:
asterisk/trunk/debian/changelog
asterisk/trunk/debian/patches/00list
Log:
apprecord_sprintf.dpatch: fix format string issue in app_record.so .
Modified: asterisk/trunk/debian/changelog
===================================================================
--- asterisk/trunk/debian/changelog 2006-08-30 20:28:54 UTC (rev 2331)
+++ asterisk/trunk/debian/changelog 2006-08-30 20:35:01 UTC (rev 2332)
@@ -6,10 +6,10 @@
* CVE-2006-4346: Asterisk MGCP AUEP Response Handling Buffer
Overflow (Closes: Bug#385060)
* Please package Asterisk 1.2.11 and Zaptel 1.2.8 (Closes: #384283)
+
+ [ Tzafrir Cohen]
+ * apprecord_sprintf.dpatch: fix format string issue in app_record.so .
- TODO:
- * Tzafrir: patch for the real format string issue
-
-- Mark Purcell <msp at debian.org> Wed, 30 Aug 2006 19:24:42 +0100
asterisk (1:1.2.10.dfsg-3) unstable; urgency=low
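Review bot: the added changelog line does not say which report it fixes. The dpatch header added in this same commit cites http://bugs.digium.com/view.php?id=7811, so the entry should mention it. Also, `[ Tzafrir Cohen]` is missing the space before the closing bracket, and there is a stray space before the final period of the new line.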
@@ -28,7 +28,7 @@
* Move doc/asterisk -> asterisk-doc package
[ Tzafrir Cohen]
- * New upstream release.
+ * New upstream release (Closes: #385060).
* bristuff 0.3.0-PRE-1s (adapted to asterisk 1.2.11).
-- Mark Purcell <msp at debian.org> Thu, 17 Aug 2006 20:31:02 +0100
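Review bot: `(Closes: #385060)` is added to an entry whose trailer is dated 17 Aug 2006, while the same bug number is already closed by the CVE-2006-4346 line in the entry shown in the first hunk. Closing one bug from two entries, one of them in an already signed-off section, is confusing; keep the Closes: in a single entry.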
@@ -71,7 +71,7 @@
[ Tzafrir Cohen ]
* reunite init.d and logrotate scripts in the package asterisk
* Re-add correct_pid_display.dpatch
- * bristuff 0.3.0-PRE1q (gsm functionality missing: needs libgstam)
+ * bristuff 0.3.0-PRE1s (gsm functionality missing: needs libgstam)
* sys_readline.dpatch: Realine support in the CLI. TODO: tab completion
* sys_editline.dpatch: alternativly, simply use the system version of
editline (not used).
Modified: asterisk/trunk/debian/patches/00list
===================================================================
--- asterisk/trunk/debian/patches/00list 2006-08-30 20:28:54 UTC (rev 2331)
+++ asterisk/trunk/debian/patches/00list 2006-08-30 20:35:01 UTC (rev 2332)
@@ -17,3 +17,4 @@
correct_pid_display
zap_restart
backport_playdtmf
+apprecord_sprintf
Added: asterisk/trunk/debian/patches/apprecord_sprintf.dpatch
===================================================================
--- asterisk/trunk/debian/patches/apprecord_sprintf.dpatch (rev 0)
+++ asterisk/trunk/debian/patches/apprecord_sprintf.dpatch 2006-08-30 20:35:01 UTC (rev 2332)
@@ -0,0 +1,105 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## apprecord_sprintf.dpatch by Tzafrir Cohen <tzafrir.cohen at xorcom.com>
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: Fix format string issue in app_record.
+## DP: http://bugs.digium.com/view.php?id=7811
+
+ at DPATCH@
+diff -urNad asterisk-1.2.10.dfsg/apps/app_record.c /tmp/dpep.UF8vRx/asterisk-1.2.10.dfsg/apps/app_record.c
+--- asterisk-1.2.10.dfsg/apps/app_record.c 2005-11-29 20:24:39.000000000 +0200
++++ /tmp/dpep.UF8vRx/asterisk-1.2.10.dfsg/apps/app_record.c 2006-08-30 21:43:35.007704143 +0300
+@@ -70,6 +70,34 @@
+ "If the user should hangup during a recording, all data will be lost and the\n"
+ "application will teminate. \n";
+
++static char *filename_add_count(const char *fn, int count)
++{
++ char *realname;
++ char *tmp;
++ char cnt[32];
++ size_t i;
++ int can_subst = 1;
++
++ snprintf(cnt, sizeof(cnt), "%d", count);
++ tmp = realname = malloc(strlen(fn) + strlen(cnt) + 1);
++
++ while( *fn )
++ {
++ if (*fn == '%' && can_subst && fn[1] == 'd') {
++ strcpy(tmp, cnt);
++ tmp+=strlen(tmp);
++ can_subst = 0;
++ fn++;
++ } else {
++ *tmp = *fn;
++ tmp++;
++ }
++ fn++;
++ }
++ return realname;
++}
++
++
+ STANDARD_LOCAL_USER;
+
+ LOCAL_USER_DECL;
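Review bot: filename_add_count() never writes a terminating NUL after the while loop, so the returned string is only terminated when the template ends in `%d`; in every other case the NUL written by strcpy() is overwritten by the next copied character. Add `*tmp = '\0';` before `return realname;`. The malloc() result is also written to without a NULL check, and `size_t i` is declared but never used.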
+@@ -82,7 +110,7 @@
+ char *filename, *ext = NULL, *silstr, *maxstr, *options;
+ char *vdata, *p;
+ int i = 0;
+- char tmp[256];
++ char *realfilename = NULL;
+
+ struct ast_filestream *s = '\0';
+ struct localuser *u;
+@@ -177,23 +205,24 @@
+ option_quiet = 1;
+ }
+ }
+-
+ /* done parsing */
+
+ /* these are to allow the use of the %d in the config file for a wild card of sort to
+ create a new file with the inputed name scheme */
+ if (percentflag) {
+- do {
+- snprintf(tmp, sizeof(tmp), filename, count);
++ realfilename = filename_add_count(filename, count);
++ count++;
++ while ( ast_fileexists(realfilename, ext, chan->language) != -1 )
++ {
++ free(realfilename);
++ realfilename = filename_add_count(filename, count);
+ count++;
+- } while ( ast_fileexists(tmp, ext, chan->language) != -1 );
+- pbx_builtin_setvar_helper(chan, "RECORDED_FILE", tmp);
++ }
++ pbx_builtin_setvar_helper(chan, "RECORDED_FILE", realfilename);
+ } else
+- strncpy(tmp, filename, sizeof(tmp)-1);
++ realfilename = strdup(filename);
+ /* end of routine mentioned */
+
+-
+-
+ if (chan->_state != AST_STATE_UP) {
+ if (option_skip) {
+ /* At the user's option, skip if the line is not up */
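Review bot: both allocations in this hunk are used unchecked. The results of filename_add_count() and of `realfilename = strdup(filename);` go straight into ast_fileexists() and pbx_builtin_setvar_helper(), so an out-of-memory condition now passes NULL on where the old stack buffer could not fail. Check for NULL and bail out with a log message. The filename_add_count() call and `count++` are also duplicated before and inside the while loop; since realfilename starts as NULL, keeping the original do/while shape with a free(realfilename) at the top of the body would avoid the duplication.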
+@@ -242,7 +271,7 @@
+
+
+ flags = option_append ? O_CREAT|O_APPEND|O_WRONLY : O_CREAT|O_TRUNC|O_WRONLY;
+- s = ast_writefile( tmp, ext, NULL, flags , 0, 0644);
++ s = ast_writefile( realfilename, ext, NULL, flags , 0, 0644);
+
+ if (!s) {
+ ast_log(LOG_WARNING, "Could not create file %s\n", filename);
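Review bot: the warning in the context lines below the changed call still logs `filename`, which in the percentflag case is the unexpanded template rather than the path that was handed to ast_writefile(). Log `realfilename` there so the message names the file that actually failed to open.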
+@@ -337,6 +366,7 @@
+ if (sildet)
+ ast_dsp_free(sildet);
+ }
++ free(realfilename);
+
+ LOCAL_USER_REMOVE(u);
+
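Review bot: this free() is the only release of realfilename in the patch, so any return between the allocation and this line leaks the buffer, which the old `char tmp[256]` could not do. Please confirm that the early exits, for example the option_skip branch and the `if (!s)` failure path visible in the earlier hunks, either reach this line or free the pointer themselves.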
Property changes on: asterisk/trunk/debian/patches/apprecord_sprintf.dpatch
___________________________________________________________________
Name: svn:executable
+ *