[sr-dev] [kamailio/kamailio] pv_headers: fix possible mem. overflow issue and wrong size string (PR #3095)
Daniel-Constantin Mierla
notifications at github.com
Thu Apr 28 14:16:49 CEST 2022
@miconda commented on this pull request.
>
if (result == NULL || t == NULL)
{
PKG_MEM_ERROR;
goto clean;
}
- snprintf(result, elements->len - toRemove->len, "%*s", elements->len - toRemove->len, "");
- snprintf(t, elements->len+1, "%s", elements->s);
+ memset(result, 32, elements->len - toRemove->len);
What is the purpose of filling `result` buffer with space (char code `32`)?
> }
}
if (elements->len-toRemove->len > 0)
{
- snprintf(elements->s, elements->len, "%*s", elements->len-toRemove->len, "");
+ memset(elements->s, 32, elements->len - toRemove->len);
snprintf(elements->s, (strlen(result)%elements->len)+1, "%s", result);
Another `memset` with char code 32 (space), then `snprintf` in the same buffer.
Maybe it is ok, but `memset` with `space` is quite unusual, therefore asking for further details.
--
Reply to this email directly or view it on GitHub:
https://github.com/kamailio/kamailio/pull/3095#pullrequestreview-956330819
You are receiving this because you are subscribed to this thread.
Message ID: <kamailio/kamailio/pull/3095/review/956330819 at github.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.kamailio.org/pipermail/sr-dev/attachments/20220428/ec3de94b/attachment.htm>
More information about the sr-dev
mailing list