[Kamailio-Devel] Bugs in imc module
Henning Westerholt
henning.westerholt at 1und1.de
Fri Mar 13 11:18:12 CET 2009
On Sunday 08 March 2009, Jan Janak wrote:
> The imc module relies on using snprintf extensively, but it does not check
> the return value of the function properly:
>
> body.len = snprintf(body.s, IMC_BUF_SIZE,
> "invalid command '%.*s' - send ''%.*shelp' for details",
> cmd->name.len, cmd->name.s, imc_cmd_start_str.len,
> imc_cmd_start_str.s);
>
> if(body.len<=0)
>
> The test if(body.len<=0) is just plain wrong, because snprintf returns the
> number of characters that would have been written had the buffer been large
> enough.
>
> The test for the case above should be something like:
> if (body.len < 0 || body.len >= IMC_BUF_SIZE)
Hi Jan,
i've fixed this, thanks.
Henning
More information about the Devel
mailing list