[Pkg-voip-commits] r8708 - in /asterisk/trunk/debian: changelog patches/AST-2011-001 patches/series
tzafrir at alioth.debian.org
Mon Jan 17 20:04:59 UTC 2011
Author: tzafrir
Date: Mon Jan 17 20:04:55 2011
New Revision: 8708
URL: http://svn.debian.org/wsvn/pkg-voip/?sc=1&rev=8708
Log:
AST-2011-001
Added:
asterisk/trunk/debian/patches/AST-2011-001
Modified:
asterisk/trunk/debian/changelog
asterisk/trunk/debian/patches/series
Modified: asterisk/trunk/debian/changelog
URL: http://svn.debian.org/wsvn/pkg-voip/asterisk/trunk/debian/changelog?rev=8708&op=diff
==============================================================================
--- asterisk/trunk/debian/changelog (original)
+++ asterisk/trunk/debian/changelog Mon Jan 17 20:04:55 2011
@@ -1,3 +1,9 @@
+asterisk (1:1.6.2.9-3) unstable; urgency=low
+
+ * AST-2011-001
+
+ -- Tzafrir Cohen <tzafrir at debian.org> Mon, 17 Jan 2011 21:54:08 +0200
+
asterisk (1:1.6.2.9-2) unstable; urgency=high
[ Tzafrir Cohen ]
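Review bot: The new top entry sets `urgency=low` for an upload whose only listed change is the AST-2011-001 security patch, while the 1:1.6.2.9-2 entry directly below it uses `urgency=high`; raise the urgency so the fix is not held back by the longer migration delay. The item text `* AST-2011-001` also says nothing about what changed; something like "AST-2011-001: prevent buffer overflows in ast_uri_encode()", matching the Description field of the added patch, would make the entry useful to someone reading the changelog alone.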
Added: asterisk/trunk/debian/patches/AST-2011-001
URL: http://svn.debian.org/wsvn/pkg-voip/asterisk/trunk/debian/patches/AST-2011-001?rev=8708&op=file
==============================================================================
--- asterisk/trunk/debian/patches/AST-2011-001 (added)
+++ asterisk/trunk/debian/patches/AST-2011-001 Mon Jan 17 20:04:55 2011
@@ -1,0 +1,50 @@
+Description: Prevent buffer overflows in ast_uri_encode()
+Origin: http://svnview.digium.com/svn/asterisk?view=revision&revision=302147
+
+Index: main/utils.c
+===================================================================
+--- a/main/utils.c (revision 302146)
++++ b/main/utils.c (revision 302147)
+@@ -386,28 +386,27 @@
+ char *reserved = ";/?:@&=+$,# "; /* Reserved chars */
+
+ const char *ptr = string; /* Start with the string */
+- char *out = NULL;
+- char *buf = NULL;
++ char *out = outbuf;
+
+- ast_copy_string(outbuf, string, buflen);
+-
+- /* If there's no characters to convert, just go through and don't do anything */
+- while (*ptr) {
++ /* If there's no characters to convert, just go through and copy the string */
++ while (*ptr && out - outbuf < buflen - 1) {
+ if ((*ptr < 32) || (doreserved && strchr(reserved, *ptr))) {
+- /* Oops, we need to start working here */
+- if (!buf) {
+- buf = outbuf;
+- out = buf + (ptr - string) ; /* Set output ptr */
++ if (out - outbuf >= buflen - 3) {
++ break;
+ }
++
+ out += sprintf(out, "%%%02x", (unsigned char) *ptr);
+- } else if (buf) {
+- *out = *ptr; /* Continue copying the string */
++ } else {
++ *out = *ptr; /* copy the character */
+ out++;
+- }
++ }
+ ptr++;
+ }
+- if (buf)
++
++ if (buflen) {
+ *out = '\0';
++ }
++
+ return outbuf;
+ }
+
+
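Review bot: The bounds checks in the rewritten loop, `out - outbuf < buflen - 1` and `out - outbuf >= buflen - 3`, are only correct if `buflen` is a signed type, and its declaration is not part of this hunk. With an unsigned `buflen`, any value below 3 makes one of the subtractions wrap, so the guard never breaks and `sprintf` can still write past `outbuf`. Consider returning early when `buflen < 1`, or moving the constant to the left side (for example `out - outbuf + 3 < buflen`) so the comparison holds for either type. Separately, when the `break` fires the output is silently truncated and the function still returns `outbuf`; the function's documentation should say that callers receive a truncated encoding when the buffer is too small.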
Modified: asterisk/trunk/debian/patches/series
URL: http://svn.debian.org/wsvn/pkg-voip/asterisk/trunk/debian/patches/series?rev=8708&op=diff
==============================================================================
--- asterisk/trunk/debian/patches/series (original)
+++ asterisk/trunk/debian/patches/series Mon Jan 17 20:04:55 2011
@@ -25,3 +25,4 @@
man_hyphen
typos
rtcp_cli_fix
+AST-2011-001