[OpenSIPS-Devel] [opensips] append '\0' null character to the end of db_url in macro init_db_url (#475)
Răzvan Crainea
notifications at github.com
Wed Apr 22 09:52:03 CEST 2015
> @@ -454,6 +454,7 @@ int estimate_available_rows( int payload_size, int column_count);
> } else {\
> _db_url.len = strlen(_db_url.s); \
> } \
> + _db_url.s[_db_url.len+1] = '\0'; \
I think this is a bit broken:
1. _db_url.s - is already NULL terminated, because otherwise strlen() would not work
2. you are adding '\0' after the end of the string (the '\0') - this is a buffer overflow.
3. there is one branch where _db_url.len is not initialized - if there is no DB specified and no default one
I think we'd better investigate the root cause :)
---
Reply to this email directly or view it on GitHub:
https://github.com/OpenSIPS/opensips/pull/475/files#r28850995
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensips.org/pipermail/devel/attachments/20150422/64f5ebe6/attachment.htm>
More information about the Devel
mailing list