Asterisk
  1. Asterisk
  2. ASTERISK-7607

[patch] security fix for format string issue in app_record

    Details

    • Type: Bug Bug
    • Status: Closed
    • Severity: Major Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Target Release Version/s: None
    • Labels:
      None
    • Mantis ID:
      7811
    • Regression:
      No

      Description

      Using snprintf with format from user-passed data was very, very bad idea.

        Activity

        Hide
        Tilghman Lesher added a comment -

        Your patch does far more than just correct this security hole, and in fact, it reduces functionality. For example, if maxstr contains 'foo', the current code (correctly) determines that that input is incorrect, but your revision does not.

        Please correct and resubmit.

        Show
        Tilghman Lesher added a comment - Your patch does far more than just correct this security hole, and in fact, it reduces functionality. For example, if maxstr contains 'foo', the current code (correctly) determines that that input is incorrect, but your revision does not. Please correct and resubmit.
        Hide
        Tilghman Lesher added a comment -

        Also, this issue also exists in 1.2, so please submit a patch for that version.

        Show
        Tilghman Lesher added a comment - Also, this issue also exists in 1.2, so please submit a patch for that version.
        Hide
        Tilghman Lesher added a comment -

        This patch is more along the lines of what is necessary.

        Show
        Tilghman Lesher added a comment - This patch is more along the lines of what is necessary.
        Hide
        Denis Smirnov added a comment -

        Looks very nice! And much simpler than my code.

        But, I think, needs some comments, because it's not so simple read without clear understanding how AST_NONSTANDARD_APP_ARGS works.

        I create my patch without sscanf->atoi change for 1.2 and svn head. Need I upload it?

        Show
        Denis Smirnov added a comment - Looks very nice! And much simpler than my code. But, I think, needs some comments, because it's not so simple read without clear understanding how AST_NONSTANDARD_APP_ARGS works. I create my patch without sscanf->atoi change for 1.2 and svn head. Need I upload it?
        Hide
        Tilghman Lesher added a comment -

        Committed, revisions 42355 (1.2) and 42356 (trunk).

        Show
        Tilghman Lesher added a comment - Committed, revisions 42355 (1.2) and 42356 (trunk).

          People

          • Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development