diff options
| author | tilghman <tilghman@f38db490-d61c-443f-a65b-d21fe96a405b> | 2008-03-07 06:57:44 +0000 |
|---|---|---|
| committer | tilghman <tilghman@f38db490-d61c-443f-a65b-d21fe96a405b> | 2008-03-07 06:57:44 +0000 |
| commit | d61c17b5b2338a17d82b326f710d303410bbd4ef (patch) | |
| tree | e6a3b371ced8a1c4f07635878b88ba6faba0881e /funcs/func_strings.c | |
| parent | f9c5cd25b64ee52d84a8b4d4dbcc297b81304eb8 (diff) | |
Merged revisions 106553 via svnmerge from
https://origsvn.digium.com/svn/asterisk/trunk
................
r106553 | tilghman | 2008-03-07 00:54:47 -0600 (Fri, 07 Mar 2008) | 14 lines
Merged revisions 106552 via svnmerge from
https://origsvn.digium.com/svn/asterisk/branches/1.4
........
r106552 | tilghman | 2008-03-07 00:36:33 -0600 (Fri, 07 Mar 2008) | 6 lines
Safely use the strncat() function.
(closes issue #11958)
Reported by: norman
Patches:
20080209__bug11958.diff.txt uploaded by Corydon76 (license 14)
........
................
git-svn-id: http://svn.digium.com/svn/asterisk/branches/1.6.0@106554 f38db490-d61c-443f-a65b-d21fe96a405b
Diffstat (limited to 'funcs/func_strings.c')
| -rw-r--r-- | funcs/func_strings.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/funcs/func_strings.c b/funcs/func_strings.c index aaa4b0a97..45d476ef2 100644 --- a/funcs/func_strings.c +++ b/funcs/func_strings.c @@ -322,7 +322,7 @@ static int hashkeys_read(struct ast_channel *chan, const char *cmd, char *data, AST_LIST_TRAVERSE(&chan->varshead, newvar, entries) { if (strncasecmp(prefix, ast_var_name(newvar), plen) == 0) { /* Copy everything after the prefix */ - strncat(buf, ast_var_name(newvar) + plen, len); + strncat(buf, ast_var_name(newvar) + plen, len - strlen(buf) - 1); /* Trim the trailing ~ */ buf[strlen(buf) - 1] = ','; } @@ -387,8 +387,8 @@ static int hash_read(struct ast_channel *chan, const char *cmd, char *data, char for (i = 0; i < arg2.argc; i++) { snprintf(varname, sizeof(varname), HASH_FORMAT, arg.hashname, arg2.col[i]); varvalue = pbx_builtin_getvar_helper(chan, varname); - strncat(buf, varvalue, len); - strncat(buf, ",", len); + strncat(buf, varvalue, len - strlen(buf) - 1); + strncat(buf, ",", len - strlen(buf) - 1); } /* Strip trailing comma */ |