This is merely a historical archive of years 2008-2021, before the migration to mailman3.
A maintained and still updated list archive can be found at https://lists.osmocom.org/hyperkitty/list/gerrit-log@lists.osmocom.org/.
Harald Welte gerrit-no-reply at lists.osmocom.orgReview at https://gerrit.osmocom.org/4896 Fix possible buffer overflow in mgcp_conn_dump() mgcp_conn.c: In function ‘mgcp_conn_dump’: mgcp_conn.c:248:30: warning: ‘/rtp, id:’ directive output may be truncated writing 9 bytes into a region of size between 0 and 255 [-Wformat-truncation=] snprintf(str, sizeof(str), "(%s/rtp, id:%u, ip:%s, " ^~~~~~~~~~~~~~~~~~~~~~~~~ mgcp_conn.c:248:30: note: directive argument in the range [0, 65535] mgcp_conn.c:248:30: note: directive argument in the range [0, 65535] mgcp_conn.c:248:3: note: ‘snprintf’ output 32 or more bytes (assuming 295) into a destination of size 256 snprintf(str, sizeof(str), "(%s/rtp, id:%u, ip:%s, " as mgcp_conn->name can already be up to 256 bytes, a total buffer size of 256 is insufficient! Change-Id: I5d48132b1358d19fe72e3901117737b09a42c69c --- M src/libosmo-mgcp/mgcp_conn.c 1 file changed, 1 insertion(+), 1 deletion(-) git pull ssh://gerrit.osmocom.org:29418/osmo-mgw refs/changes/96/4896/1 diff --git a/src/libosmo-mgcp/mgcp_conn.c b/src/libosmo-mgcp/mgcp_conn.c index e0eec63..e07b766 100644 --- a/src/libosmo-mgcp/mgcp_conn.c +++ b/src/libosmo-mgcp/mgcp_conn.c @@ -235,7 +235,7 @@ * \returns human readble string */ char *mgcp_conn_dump(struct mgcp_conn *conn) { - static char str[256]; + static char str[sizeof(conn->name)+256]; if (!conn) { snprintf(str, sizeof(str), "(null connection)"); -- To view, visit https://gerrit.osmocom.org/4896 To unsubscribe, visit https://gerrit.osmocom.org/settings Gerrit-MessageType: newchange Gerrit-Change-Id: I5d48132b1358d19fe72e3901117737b09a42c69c Gerrit-PatchSet: 1 Gerrit-Project: osmo-mgw Gerrit-Branch: master Gerrit-Owner: Harald Welte <laforge at gnumonks.org>