[OpenSIPS-Devel] [OpenSIPS/opensips] 315b7c: cfg parser: Avoid unnecessary strlen on error case
Liviu Chircu
noreply at github.com
Wed May 22 16:50:23 UTC 2024
Branch: refs/heads/3.5
Home: https://github.com/OpenSIPS/opensips
Commit: 315b7c35586f3d2288a013f32edaf2e7eb5ef378
https://github.com/OpenSIPS/opensips/commit/315b7c35586f3d2288a013f32edaf2e7eb5ef378
Author: Liviu Chircu <liviu at opensips.org>
Date: 2024-05-22 (Wed, 22 May 2024)
Changed paths:
M cfg_pp.c
Log Message:
-----------
cfg parser: Avoid unnecessary strlen on error case
When getline() returns -1, the @lineptr argument is never safe to read,
nor is this recommended. So when both rc == -1 and EOF conditions
occur, it is safe to assume we read 0 bytes, without doing the strlen().
Many thanks to Dhiraj Mishra (@RandomDhiraj) for detecting, documenting
and reporting the potential risk of a heap buffer overflow here!
(cherry picked from commit 50b651c230eec5daaf52f8742a9c3dd92123f3d2)
To unsubscribe from these emails, change your notification settings at https://github.com/OpenSIPS/opensips/settings/notifications
More information about the Devel
mailing list