[OpenSIPS-Devel] libsms_getsms.c out of bounds memory access

Pascal Cuoq pascal_cuoq at hotmail.com
Wed Jun 16 17:23:34 CEST 2010



Hello again,
> If the answer returned happens to be
> ".....about 500 characters of gibberish.....+CMGL: "
> assuming the right branch is taken,

sorry, this bug report has been in my to-do list for too long and now I got the details wrong.
Line 155
while (*end<'9' && *end>'0') end++;
to skip any number of digits that may be there seems to be fine (precisely because answer can be assumed to be nul-terminated). I think that the bug was in the other branch, when executing line 171:
position=strstr(answer,"+CMGR:");
and answer happens to be " .... +CMGR:".
Very sorry for the confusion.
Pascal
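
An added example, not part of the original message and not code from libsms_getsms.c: one way to guard a marker search like the one on line 171. It assumes the code after the strstr() call advances a fixed distance past the match (the message does not show that code); the helper name, the skip parameter and the sample answers are constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper: find `marker` in a NUL-terminated modem answer and
 * return a pointer `skip` bytes past the end of the marker. Returns NULL if
 * the marker is absent or the answer ends before that point, so the caller
 * never receives a pointer beyond the terminating NUL. */
static const char *field_after_marker(const char *answer, const char *marker,
                                      size_t skip)
{
    const char *pos = strstr(answer, marker);
    if (pos == NULL)
        return NULL;

    pos += strlen(marker);          /* at most the terminating NUL */

    /* Bytes available after the marker, not counting the terminator. */
    if (strlen(pos) < skip)
        return NULL;                /* answer is truncated at the marker */

    return pos + skip;              /* may point at the NUL: empty field */
}

int main(void)
{
    /* Constructed sample answers, not captured from a real modem. */
    const char *samples[] = {
        "\r\n+CMGR: 0,,23\r\n",     /* marker followed by data */
        "gibberish +CMGR:",         /* answer ends right at the marker */
        "OK\r\n",                   /* marker missing */
    };

    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        /* skip = 1 steps over the space after the colon (assumption) */
        const char *field = field_after_marker(samples[i], "+CMGR:", 1);
        if (field == NULL)
            printf("sample %zu: rejected\n", i);
        else
            printf("sample %zu: field starts with \"%.5s\"\n", i, field);
    }
    return 0;
}
```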

 		 	   		  