[OpenSIPS-Devel] [OpenSIPS/opensips] 50b651: cfg parser: Avoid unnecessary strlen on error case
Liviu Chircu
noreply at github.com
Wed May 22 16:48:51 UTC 2024
Branch: refs/heads/master
Home: https://github.com/OpenSIPS/opensips
Commit: 50b651c230eec5daaf52f8742a9c3dd92123f3d2
https://github.com/OpenSIPS/opensips/commit/50b651c230eec5daaf52f8742a9c3dd92123f3d2
Author: Liviu Chircu <liviu at opensips.org>
Date: 2024-05-22 (Wed, 22 May 2024)
Changed paths:
M cfg_pp.c
Log Message:
-----------
cfg parser: Avoid unnecessary strlen on error case
When getline() returns -1, the @lineptr argument is never safe to read,
nor is this recommended. So when both rc == -1 and EOF conditions
occur, it is safe to assume we read 0 bytes, without doing the strlen().
Many thanks to Dhiraj Mishra (@RandomDhiraj) for detecting, documenting
and reporting the potential risk of a heap buffer overflow here!
To unsubscribe from these emails, change your notification settings at https://github.com/OpenSIPS/opensips/settings/notifications
More information about the Devel
mailing list