diff --git a/addons/Makefile b/addons/Makefile index 47da132470..866d34b1a5 100644 --- a/addons/Makefile +++ b/addons/Makefile @@ -59,6 +59,7 @@ endif include $(ASTTOPDIR)/Makefile.moddir_rules +chan_mobile.o: _ASTCFLAGS+=$(AST_NO_FORMAT_TRUNCATION) chan_ooh323.so: _ASTCFLAGS+=$(H323CFLAGS) $(call MOD_ADD_C,chan_ooh323,$(H323SOURCE)) diff --git a/apps/Makefile b/apps/Makefile index a53bbe2b8b..589293c1e6 100644 --- a/apps/Makefile +++ b/apps/Makefile @@ -29,7 +29,11 @@ include $(ASTTOPDIR)/Makefile.moddir_rules $(call MOD_ADD_C,app_confbridge,$(wildcard confbridge/*.c)) +app_confbridge.o: _ASTCFLAGS+=$(AST_NO_FORMAT_TRUNCATION) +app_meetme.o: _ASTCFLAGS+=$(AST_NO_FORMAT_TRUNCATION) +app_minivm.o: _ASTCFLAGS+=$(AST_NO_FORMAT_TRUNCATION) app_voicemail.o: _ASTCFLAGS+=$(AST_NO_FORMAT_TRUNCATION) +app_while.o: _ASTCFLAGS+=$(AST_NO_FORMAT_TRUNCATION) ifneq ($(findstring $(OSARCH), mingw32 cygwin ),) LIBS+= -lres_ael_share.so -lres_monitor.so -lres_speech.so diff --git a/apps/app_minivm.c b/apps/app_minivm.c index c09fba173a..211acc1db5 100644 --- a/apps/app_minivm.c +++ b/apps/app_minivm.c @@ -2786,11 +2786,11 @@ static char *message_template_parse_emailbody(const char *configuration) switch (tmpwrite[1]) { case 'n': memmove(tmpwrite + len, tmpwrite + 2, strlen(tmpwrite + 2) + 1); - strncpy(tmpwrite, "\n", len); + tmpwrite[0] = '\n'; break; case 't': memmove(tmpwrite + len, tmpwrite + 2, strlen(tmpwrite + 2) + 1); - strncpy(tmpwrite, "\t", len); + tmpwrite[0] = '\t'; break; default: ast_log(LOG_NOTICE, "Substitution routine does not support this character: %c\n", tmpwrite[1]); diff --git a/apps/app_queue.c b/apps/app_queue.c index e7779b7327..f920b8cafb 100644 --- a/apps/app_queue.c +++ b/apps/app_queue.c @@ -6581,7 +6581,7 @@ static void escape_and_substitute(struct ast_channel *chan, const char *input, static void setup_mixmonitor(struct queue_ent *qe, const char *filename) { char escaped_filename[256]; - char file_with_ext[256]; + char file_with_ext[sizeof(escaped_filename) + sizeof(qe->parent->monfmt)]; char mixmonargs[1512]; char escaped_monitor_exec[1024]; const char *monitor_options; diff --git a/apps/app_sms.c b/apps/app_sms.c index c50a68627b..0e379716dc 100644 --- a/apps/app_sms.c +++ b/apps/app_sms.c @@ -1214,7 +1214,7 @@ static void sms_compose2(sms_t *h, int more) { struct ast_tm tm; struct timeval now = h->scts; - char stm[9]; + char stm[45]; h->omsg[0] = 0x00; /* set later... */ h->omsg[1] = 0; diff --git a/apps/app_test.c b/apps/app_test.c index 7981dbd9a0..96772702a0 100644 --- a/apps/app_test.c +++ b/apps/app_test.c @@ -330,7 +330,6 @@ static int testserver_exec(struct ast_channel *chan, const char *data) { int res = 0; char testid[80]=""; - char fn[80]; FILE *f; if (ast_channel_state(chan) != AST_STATE_UP) res = ast_answer(chan); @@ -357,6 +356,8 @@ static int testserver_exec(struct ast_channel *chan, const char *data) if (strchr(testid, '/')) res = -1; if ((res >=0) && (!ast_strlen_zero(testid))) { + char fn[PATH_MAX]; + /* Got a Test ID! Whoo hoo! */ /* Make the directory to hold the test results in case it's not there */ snprintf(fn, sizeof(fn), "%s/testresults", ast_config_AST_LOG_DIR); diff --git a/apps/app_voicemail.c b/apps/app_voicemail.c index c4df4dcbb9..c3bfeb48b6 100644 --- a/apps/app_voicemail.c +++ b/apps/app_voicemail.c @@ -1025,7 +1025,7 @@ struct mwi_sub { int old_new; int old_old; char *uniqueid; - char mailbox[1]; + char mailbox[0]; }; struct mwi_sub_task { @@ -13140,7 +13140,7 @@ static int handle_subscribe(void *datap) struct mwi_sub *mwi_sub; struct mwi_sub_task *p = datap; - len = sizeof(*mwi_sub); + len = sizeof(*mwi_sub) + 1; if (!ast_strlen_zero(p->mailbox)) len += strlen(p->mailbox); diff --git a/channels/Makefile b/channels/Makefile index 9f6f9d6aab..6398d9599a 100644 --- a/channels/Makefile +++ b/channels/Makefile @@ -30,6 +30,9 @@ $(call MOD_ADD_C,chan_dahdi,$(wildcard dahdi/*.c) sig_analog.c sig_pri.c sig_ss7 $(call MOD_ADD_C,chan_misdn,misdn_config.c misdn/isdn_lib.c misdn/isdn_msg_parser.c) chan_mgcp.o: _ASTCFLAGS+=$(AST_NO_FORMAT_TRUNCATION) +chan_unistim.o: _ASTCFLAGS+=$(AST_NO_FORMAT_TRUNCATION) +chan_phone.o: _ASTCFLAGS+=$(AST_NO_FORMAT_TRUNCATION) +chan_sip.o: _ASTCFLAGS+=$(AST_NO_FORMAT_TRUNCATION) chan_misdn.o: _ASTCFLAGS+=-Imisdn misdn_config.o: _ASTCFLAGS+=-Imisdn diff --git a/channels/chan_dahdi.c b/channels/chan_dahdi.c index 7c54cf3176..34aed16ec4 100644 --- a/channels/chan_dahdi.c +++ b/channels/chan_dahdi.c @@ -1781,7 +1781,7 @@ static void publish_dahdichannel(struct ast_channel *chan, int span, const char */ static void dahdi_ami_channel_event(struct dahdi_pvt *p, struct ast_channel *chan) { - char ch_name[20]; + char ch_name[23]; if (p->channel < CHAN_PSEUDO) { /* No B channel */ diff --git a/channels/chan_iax2.c b/channels/chan_iax2.c index dec9dfda12..d2bf108756 100644 --- a/channels/chan_iax2.c +++ b/channels/chan_iax2.c @@ -14303,7 +14303,7 @@ static int iax2_matchmore(struct ast_channel *chan, const char *context, const c static int iax2_exec(struct ast_channel *chan, const char *context, const char *exten, int priority, const char *callerid, const char *data) { char odata[256]; - char req[256]; + char req[sizeof(odata) + AST_MAX_CONTEXT + AST_MAX_EXTENSION + sizeof("IAX2//@")]; char *ncontext; struct iax2_dpcache *dp = NULL; struct ast_app *dial = NULL; diff --git a/channels/chan_sip.c b/channels/chan_sip.c index 46f9ad699b..ff207ff404 100644 --- a/channels/chan_sip.c +++ b/channels/chan_sip.c @@ -35199,21 +35199,22 @@ AST_TEST_DEFINE(test_tcp_message_fragmentation) struct ast_str *overflow; struct { char **fragments; + size_t fragment_count; char **expected; int num_expected; const char *description; } tests[] = { - { normal, normal, 1, "normal" }, - { fragmented, normal, 1, "fragmented" }, - { fragmented_body, normal, 1, "fragmented_body" }, - { multi_fragment, normal, 1, "multi_fragment" }, - { multi_message, multi_message_divided, 2, "multi_message" }, - { multi_message_body, multi_message_body_divided, 2, "multi_message_body" }, - { multi_message_in_fragments, multi_message_divided, 2, "multi_message_in_fragments" }, - { compact, compact, 1, "compact" }, - { faux, faux, 1, "faux" }, - { folded, folded, 1, "folded" }, - { cl_in_body, cl_in_body, 1, "cl_in_body" }, + { normal, ARRAY_LEN(normal), normal, 1, "normal" }, + { fragmented, ARRAY_LEN(fragmented), normal, 1, "fragmented" }, + { fragmented_body, ARRAY_LEN(fragmented_body), normal, 1, "fragmented_body" }, + { multi_fragment, ARRAY_LEN(multi_fragment), normal, 1, "multi_fragment" }, + { multi_message, ARRAY_LEN(multi_message), multi_message_divided, 2, "multi_message" }, + { multi_message_body, ARRAY_LEN(multi_message_body), multi_message_body_divided, 2, "multi_message_body" }, + { multi_message_in_fragments, ARRAY_LEN(multi_message_in_fragments), multi_message_divided, 2, "multi_message_in_fragments" }, + { compact, ARRAY_LEN(compact), compact, 1, "compact" }, + { faux, ARRAY_LEN(faux), faux, 1, "faux" }, + { folded, ARRAY_LEN(folded), folded, 1, "folded" }, + { cl_in_body, ARRAY_LEN(cl_in_body), cl_in_body, 1, "cl_in_body" }, }; int i; enum ast_test_result_state res = AST_TEST_PASS; @@ -35241,7 +35242,7 @@ AST_TEST_DEFINE(test_tcp_message_fragmentation) } for (i = 0; i < ARRAY_LEN(tests); ++i) { int num_messages = 0; - if (mock_tcp_loop(tests[i].fragments, ARRAY_LEN(tests[i].fragments), + if (mock_tcp_loop(tests[i].fragments, tests[i].fragment_count, &overflow, tests[i].expected, &num_messages, test)) { ast_test_status_update(test, "Failed to parse message '%s'\n", tests[i].description); res = AST_TEST_FAIL; diff --git a/channels/chan_skinny.c b/channels/chan_skinny.c index 0093a1fcb2..2b13e5eaaa 100644 --- a/channels/chan_skinny.c +++ b/channels/chan_skinny.c @@ -3706,49 +3706,49 @@ static char *skinny_debugs(void) int posn = 0; ptr = dbgcli_buf; - strncpy(ptr, "\0", 1); + ptr[0] = '\0'; if (skinnydebug & DEBUG_GENERAL) { - strncpy(ptr, "general ", 8); + strcpy(ptr, "general "); /* SAFE */ posn += 8; ptr += 8; } if (skinnydebug & DEBUG_SUB) { - strncpy(ptr, "sub ", 4); + strcpy(ptr, "sub "); /* SAFE */ posn += 4; ptr += 4; } if (skinnydebug & DEBUG_AUDIO) { - strncpy(ptr, "audio ", 6); + strcpy(ptr, "audio "); /* SAFE */ posn += 6; ptr += 6; } if (skinnydebug & DEBUG_PACKET) { - strncpy(ptr, "packet ", 7); + strcpy(ptr, "packet "); /* SAFE */ posn += 7; ptr += 7; } if (skinnydebug & DEBUG_LOCK) { - strncpy(ptr, "lock ", 5); + strcpy(ptr, "lock "); /* SAFE */ posn += 5; ptr += 5; } if (skinnydebug & DEBUG_TEMPLATE) { - strncpy(ptr, "template ", 9); + strcpy(ptr, "template "); /* SAFE */ posn += 9; ptr += 9; } if (skinnydebug & DEBUG_THREAD) { - strncpy(ptr, "thread ", 7); + strcpy(ptr, "thread "); /* SAFE */ posn += 7; ptr += 7; } if (skinnydebug & DEBUG_HINT) { - strncpy(ptr, "hint ", 5); + strcpy(ptr, "hint "); /* SAFE */ posn += 5; ptr += 5; } if (skinnydebug & DEBUG_KEEPALIVE) { - strncpy(ptr, "keepalive ", 10); + strcpy(ptr, "keepalive "); /* SAFE */ posn += 10; ptr += 10; } @@ -6427,7 +6427,6 @@ static int handle_stimulus_message(struct skinny_req *req, struct skinnysession case STIMULUS_CALLPARK: { char extout[AST_MAX_EXTENSION]; - char message[32]; RAII_VAR(struct ast_bridge_channel *, bridge_channel, NULL, ao2_cleanup); SKINNY_DEBUG(DEBUG_PACKET, 3, "Received STIMULUS_CALLPARK from %s, inst %d, callref %d\n", d->name, instance, callreference); @@ -6449,7 +6448,10 @@ static int handle_stimulus_message(struct skinny_req *req, struct skinnysession } if (!ast_parking_park_call(bridge_channel, extout, sizeof(extout))) { - snprintf(message, sizeof(message), "Call Parked at: %s", extout); + static const char msg_prefix[] = "Call Parked at: "; + char message[sizeof(msg_prefix) + sizeof(extout)]; + + snprintf(message, sizeof(message), "%s%s", msg_prefix, extout); transmit_displaynotify(d, message, 10); break; } @@ -7180,7 +7182,6 @@ static int handle_soft_key_event_message(struct skinny_req *req, struct skinnyse case SOFTKEY_PARK: { char extout[AST_MAX_EXTENSION]; - char message[32]; RAII_VAR(struct ast_bridge_channel *, bridge_channel, NULL, ao2_cleanup); SKINNY_DEBUG(DEBUG_PACKET, 3, "Received SOFTKEY_PARK from %s, inst %d, callref %d\n", d->name, instance, callreference); @@ -7202,7 +7203,10 @@ static int handle_soft_key_event_message(struct skinny_req *req, struct skinnyse } if (!ast_parking_park_call(bridge_channel, extout, sizeof(extout))) { - snprintf(message, sizeof(message), "Call Parked at: %s", extout); + static const char msg_prefix[] = "Call Parked at: "; + char message[sizeof(msg_prefix) + sizeof(extout)]; + + snprintf(message, sizeof(message), "%s%s", msg_prefix, extout); transmit_displaynotify(d, message, 10); break; } diff --git a/channels/iax2/parser.c b/channels/iax2/parser.c index 8880b9280e..b94d306d58 100644 --- a/channels/iax2/parser.c +++ b/channels/iax2/parser.c @@ -415,7 +415,7 @@ static void dump_ies(unsigned char *iedata, int len) int x; int found; char interp[1024]; - char tmp[1024]; + char tmp[1046]; if (len < 2) return; diff --git a/configure b/configure index c1a06e848d..223bd05ee8 100755 --- a/configure +++ b/configure @@ -686,6 +686,7 @@ BIND8_CFLAGS AST_RPATH AST_NATIVE_ARCH AST_SHADOW_WARNINGS +AST_NO_STRINGOP_TRUNCATION AST_NO_FORMAT_TRUNCATION AST_NO_STRICT_OVERFLOW AST_FORTIFY_SOURCE @@ -18380,6 +18381,19 @@ $as_echo "no" >&6; } fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for -Wno-stringop-truncation" >&5 +$as_echo_n "checking for -Wno-stringop-truncation... " >&6; } +if $(${CC} -Wno-stringop-truncation -Werror -S -o /dev/null -xc /dev/null > /dev/null 2>&1); then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } + AST_NO_STRINGOP_TRUNCATION=-Wno-stringop-truncation +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } + AST_NO_STRINGOP_TRUNCATION= +fi + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for -Wshadow" >&5 $as_echo_n "checking for -Wshadow... " >&6; } if $(${CC} -Wshadow -Werror -S -o /dev/null -xc /dev/null > /dev/null 2>&1); then diff --git a/configure.ac b/configure.ac index e94febe1df..16459e0c44 100644 --- a/configure.ac +++ b/configure.ac @@ -1276,6 +1276,16 @@ else fi AC_SUBST(AST_NO_FORMAT_TRUNCATION) +AC_MSG_CHECKING(for -Wno-stringop-truncation) +if $(${CC} -Wno-stringop-truncation -Werror -S -o /dev/null -xc /dev/null > /dev/null 2>&1); then + AC_MSG_RESULT(yes) + AST_NO_STRINGOP_TRUNCATION=-Wno-stringop-truncation +else + AC_MSG_RESULT(no) + AST_NO_STRINGOP_TRUNCATION= +fi +AC_SUBST(AST_NO_STRINGOP_TRUNCATION) + AC_MSG_CHECKING(for -Wshadow) if $(${CC} -Wshadow -Werror -S -o /dev/null -xc /dev/null > /dev/null 2>&1); then AC_MSG_RESULT(yes) diff --git a/funcs/Makefile b/funcs/Makefile index 3f65070e33..40df635d88 100644 --- a/funcs/Makefile +++ b/funcs/Makefile @@ -25,3 +25,5 @@ include $(ASTTOPDIR)/Makefile.moddir_rules # warning must be disabled; for safety reasons, SPRINTF() is kept in # a separate module so that as little code as possible is left unchecked func_sprintf.o: _ASTCFLAGS+=-Wno-format-nonliteral + +func_groupcount.o: _ASTCFLAGS+=$(AST_NO_FORMAT_TRUNCATION) diff --git a/main/config.c b/main/config.c index f7f0d7be13..2684fc08bf 100644 --- a/main/config.c +++ b/main/config.c @@ -1734,7 +1734,7 @@ static int process_text_line(struct ast_config *cfg, struct ast_category **cat, char *c; char *cur = buf; struct ast_variable *v; - char cmd[512], exec_file[512]; + char exec_file[512]; /* Actually parse the entry */ if (cur[0] == '[') { /* A category header */ @@ -1907,10 +1907,16 @@ static int process_text_line(struct ast_config *cfg, struct ast_category **cat, We create a tmp file, then we #include it, then we delete it. */ if (!do_include) { struct timeval now = ast_tvnow(); + char cmd[1024]; + if (!ast_test_flag(&flags, CONFIG_FLAG_NOCACHE)) config_cache_attribute(configfile, ATTRIBUTE_EXEC, NULL, who_asked); snprintf(exec_file, sizeof(exec_file), "/var/tmp/exec.%d%d.%ld", (int)now.tv_sec, (int)now.tv_usec, (long)pthread_self()); - snprintf(cmd, sizeof(cmd), "%s > %s 2>&1", cur, exec_file); + if (snprintf(cmd, sizeof(cmd), "%s > %s 2>&1", cur, exec_file) >= sizeof(cmd)) { + ast_log(LOG_ERROR, "Failed to construct command string to execute %s.\n", cur); + + return -1; + } ast_safe_system(cmd); cur = exec_file; } else { diff --git a/main/manager.c b/main/manager.c index f1e44b352a..c14256247a 100644 --- a/main/manager.c +++ b/main/manager.c @@ -8007,7 +8007,8 @@ static int auth_http_callback(struct ast_tcptls_session_instance *ser, /* compute the expected response to compare with what we received */ { char *a2; - char a2_hash[256]; + /* ast_md5_hash outputs 32 characters plus NULL terminator. */ + char a2_hash[33]; char resp[256]; /* XXX Now request method are hardcoded in A2 */ diff --git a/main/pbx.c b/main/pbx.c index 70e72fe432..727018b4e7 100644 --- a/main/pbx.c +++ b/main/pbx.c @@ -6235,7 +6235,7 @@ struct store_hint { char *last_presence_message; AST_LIST_ENTRY(store_hint) list; - char data[1]; + char data[0]; }; AST_LIST_HEAD_NOLOCK(store_hints, store_hint); diff --git a/makeopts.in b/makeopts.in index d9cb90d7fc..b52eda7ef5 100644 --- a/makeopts.in +++ b/makeopts.in @@ -119,6 +119,7 @@ AST_DECLARATION_AFTER_STATEMENT=@AST_DECLARATION_AFTER_STATEMENT@ AST_TRAMPOLINES=@AST_TRAMPOLINES@ AST_NO_STRICT_OVERFLOW=@AST_NO_STRICT_OVERFLOW@ AST_NO_FORMAT_TRUNCATION=@AST_NO_FORMAT_TRUNCATION@ +AST_NO_STRINGOP_TRUNCATION=@AST_NO_STRINGOP_TRUNCATION@ AST_SHADOW_WARNINGS=@AST_SHADOW_WARNINGS@ AST_NESTED_FUNCTIONS=@AST_NESTED_FUNCTIONS@ AST_CLANG_BLOCKS=@AST_CLANG_BLOCKS@ diff --git a/pbx/dundi-parser.c b/pbx/dundi-parser.c index 856f4ae013..808559c592 100644 --- a/pbx/dundi-parser.c +++ b/pbx/dundi-parser.c @@ -386,7 +386,7 @@ static void dump_ies(unsigned char *iedata, int spaces, int len) int x; int found; char interp[1024]; - char tmp[1024]; + char tmp[1051]; if (len < 2) return; while(len >= 2) { diff --git a/pbx/pbx_dundi.c b/pbx/pbx_dundi.c index 92e71981f1..0420917231 100644 --- a/pbx/pbx_dundi.c +++ b/pbx/pbx_dundi.c @@ -1237,7 +1237,6 @@ static int cache_lookup_internal(time_t now, struct dundi_request *req, char *ke static int cache_lookup(struct dundi_request *req, dundi_eid *peer_eid, uint32_t crc, int *lowexpiration) { - char key[256]; char eid_str[20]; char eidroot_str[20]; time_t now; @@ -1245,6 +1244,8 @@ static int cache_lookup(struct dundi_request *req, dundi_eid *peer_eid, uint32_t int res2=0; char eid_str_full[20]; char tmp[256]=""; + /* Enough space for largest value that can be stored in key. */ + char key[sizeof(eid_str) + sizeof(tmp) + sizeof(req->dcontext) + sizeof(eidroot_str) + sizeof("hint////r")]; int x; time(&now); diff --git a/res/Makefile b/res/Makefile index ec3417b35b..5ff38ad1b5 100644 --- a/res/Makefile +++ b/res/Makefile @@ -29,7 +29,7 @@ endif res_config_ldap.o: _ASTCFLAGS+=-DLDAP_DEPRECATED ael/ael_lex.o: ael/ael_lex.c ../include/asterisk/ael_structs.h ael/ael.tab.h -ael/ael_lex.o: _ASTCFLAGS+=-I. -Iael -Wno-unused +ael/ael_lex.o: _ASTCFLAGS+=-I. -Iael -Wno-unused $(AST_NO_FORMAT_TRUNCATION) ael/ael.tab.o: ael/ael.tab.c ael/ael.tab.h ../include/asterisk/ael_structs.h ael/ael.tab.o: _ASTCFLAGS+=-I. -Iael -DYYENABLE_NLS=0 @@ -70,5 +70,7 @@ $(call MOD_ADD_C,res_ari,ari/cli.c ari/config.c ari/ari_websockets.c) $(call MOD_ADD_C,res_ari_model,ari/ari_model_validators.c) $(call MOD_ADD_C,res_stasis_recording,stasis_recording/stored.c) +res_parking.o: _ASTCFLAGS+=$(AST_NO_FORMAT_TRUNCATION) + # Dependencies for res_ari_*.so are generated, so they're in this file include ari.make diff --git a/res/res_config_ldap.c b/res/res_config_ldap.c index d73f42b115..8edc32abe4 100644 --- a/res/res_config_ldap.c +++ b/res/res_config_ldap.c @@ -1959,9 +1959,7 @@ static int ldap_reconnect(void) */ static char *realtime_ldap_status(struct ast_cli_entry *e, int cmd, struct ast_cli_args *a) { - char status[256]; - char credentials[100] = ""; - char buf[362]; /* 256+100+" for "+NULL */ + struct ast_str *buf; int ctimesec = time(NULL) - connect_time; switch (cmd) { @@ -1978,14 +1976,18 @@ static char *realtime_ldap_status(struct ast_cli_entry *e, int cmd, struct ast_c if (!ldapConn) return CLI_FAILURE; - if (!ast_strlen_zero(url)) - snprintf(status, sizeof(status), "Connected to '%s', baseDN %s", url, base_distinguished_name); + buf = ast_str_create(512); + if (!ast_strlen_zero(url)) { + ast_str_append(&buf, 0, "Connected to '%s', baseDN %s", url, base_distinguished_name); + } - if (!ast_strlen_zero(user)) - snprintf(credentials, sizeof(credentials), " with username %s", user); + if (!ast_strlen_zero(user)) { + ast_str_append(&buf, 0, " with username %s", user); + } - snprintf(buf, sizeof(buf), "%s%s for ", status, credentials); - ast_cli_print_timestr_fromseconds(a->fd, ctimesec, buf); + ast_str_append(&buf, 0, " for "); + ast_cli_print_timestr_fromseconds(a->fd, ctimesec, ast_str_buffer(buf)); + ast_free(buf); return CLI_SUCCESS; } diff --git a/res/res_musiconhold.c b/res/res_musiconhold.c index 1c8728cf70..137f83bac7 100644 --- a/res/res_musiconhold.c +++ b/res/res_musiconhold.c @@ -1142,7 +1142,7 @@ static int moh_scan_files(struct mohclass *class) { DIR *files_DIR; struct dirent *files_dirent; - char dir_path[PATH_MAX]; + char dir_path[PATH_MAX - sizeof(class->dir)]; char filepath[PATH_MAX]; char *ext; struct stat statbuf; diff --git a/res/res_pjsip/pjsip_resolver.c b/res/res_pjsip/pjsip_resolver.c index d6646d5032..5fd446468b 100644 --- a/res/res_pjsip/pjsip_resolver.c +++ b/res/res_pjsip/pjsip_resolver.c @@ -566,23 +566,26 @@ static void sip_resolve(pjsip_resolver_t *resolver, pj_pool_t *pool, const pjsip if (type == PJSIP_TRANSPORT_UNSPECIFIED || (type == PJSIP_TRANSPORT_TLS && sip_transport_is_available(PJSIP_TRANSPORT_TLS)) || (type == PJSIP_TRANSPORT_TLS6 && sip_transport_is_available(PJSIP_TRANSPORT_TLS6))) { - snprintf(srv, sizeof(srv), "_sips._tcp.%s", host); - res |= sip_resolve_add(resolve, srv, T_SRV, C_IN, - type == PJSIP_TRANSPORT_UNSPECIFIED ? PJSIP_TRANSPORT_TLS : type, 0); + if (snprintf(srv, sizeof(srv), "_sips._tcp.%s", host) < NI_MAXHOST) { + res |= sip_resolve_add(resolve, srv, T_SRV, C_IN, + type == PJSIP_TRANSPORT_UNSPECIFIED ? PJSIP_TRANSPORT_TLS : type, 0); + } } if (type == PJSIP_TRANSPORT_UNSPECIFIED || (type == PJSIP_TRANSPORT_TCP && sip_transport_is_available(PJSIP_TRANSPORT_TCP)) || (type == PJSIP_TRANSPORT_TCP6 && sip_transport_is_available(PJSIP_TRANSPORT_TCP6))) { - snprintf(srv, sizeof(srv), "_sip._tcp.%s", host); - res |= sip_resolve_add(resolve, srv, T_SRV, C_IN, - type == PJSIP_TRANSPORT_UNSPECIFIED ? PJSIP_TRANSPORT_TCP : type, 0); + if (snprintf(srv, sizeof(srv), "_sip._tcp.%s", host) < NI_MAXHOST) { + res |= sip_resolve_add(resolve, srv, T_SRV, C_IN, + type == PJSIP_TRANSPORT_UNSPECIFIED ? PJSIP_TRANSPORT_TCP : type, 0); + } } if (type == PJSIP_TRANSPORT_UNSPECIFIED || (type == PJSIP_TRANSPORT_UDP && sip_transport_is_available(PJSIP_TRANSPORT_UDP)) || (type == PJSIP_TRANSPORT_UDP6 && sip_transport_is_available(PJSIP_TRANSPORT_UDP6))) { - snprintf(srv, sizeof(srv), "_sip._udp.%s", host); - res |= sip_resolve_add(resolve, srv, T_SRV, C_IN, - type == PJSIP_TRANSPORT_UNSPECIFIED ? PJSIP_TRANSPORT_UDP : type, 0); + if (snprintf(srv, sizeof(srv), "_sip._udp.%s", host) < NI_MAXHOST) { + res |= sip_resolve_add(resolve, srv, T_SRV, C_IN, + type == PJSIP_TRANSPORT_UNSPECIFIED ? PJSIP_TRANSPORT_UDP : type, 0); + } } } diff --git a/tests/Makefile b/tests/Makefile index a65b88bac3..f64669bcdc 100644 --- a/tests/Makefile +++ b/tests/Makefile @@ -18,3 +18,6 @@ MENUSELECT_DESCRIPTION=Test Modules all: _all include $(ASTTOPDIR)/Makefile.moddir_rules + +test_strings.o: _ASTCFLAGS+=$(AST_NO_FORMAT_TRUNCATION) $(AST_NO_STRINGOP_TRUNCATION) +test_voicemail_api.o: _ASTCFLAGS+=$(AST_NO_FORMAT_TRUNCATION) diff --git a/utils/Makefile b/utils/Makefile index ae2af08e26..6bd33dacd1 100644 --- a/utils/Makefile +++ b/utils/Makefile @@ -163,7 +163,7 @@ aelparse.c: $(ASTTOPDIR)/res/ael/ael_lex.c $(CMD_PREFIX) sed 's/ast_debug([[:digit:]][[:digit:]]*/ast_log(LOG_DEBUG/' "$@" > "$@.new" $(CMD_PREFIX) mv "$@.new" "$@" -aelparse.o: _ASTCFLAGS+=-I$(ASTTOPDIR)/res -Wno-unused +aelparse.o: _ASTCFLAGS+=-I$(ASTTOPDIR)/res -Wno-unused $(AST_NO_FORMAT_TRUNCATION) aelparse: LIBS+=-lm $(AST_CLANG_BLOCKS_LIBS) aelparse: aelparse.o aelbison.o pbx_ael.o hashtab.o lock.o ael_main.o ast_expr2f.o ast_expr2.o strcompat.o pval.o extconf.o astmm.o diff --git a/utils/ael_main.c b/utils/ael_main.c index f4521e183f..e0e45015c4 100644 --- a/utils/ael_main.c +++ b/utils/ael_main.c @@ -374,7 +374,7 @@ void ast_context_add_switch2(struct ast_context *con, const char *value, const c if( dump_extensions ) { struct namelist *x; x = create_name((char*)value); - strncpy(x->name2,data,100); + strncpy(x->name2, data, 99); if( eval ) { ADD_LAST(con->switches,x); diff --git a/utils/astman.c b/utils/astman.c index d4757d026a..2d382f5c3f 100644 --- a/utils/astman.c +++ b/utils/astman.c @@ -530,14 +530,15 @@ static void try_redirect(newtComponent c) struct ast_chan *chan; char dest[256]; struct message *m; + static const char tmp_prefix[] = "Enter new extension for "; char channame[256]; - char tmp[80]; + char tmp[sizeof(tmp_prefix) + sizeof(channame)]; char *context; chan = newtListboxGetCurrent(c); if (chan) { strncpy(channame, chan->name, sizeof(channame) - 1); - snprintf(tmp, sizeof(tmp), "Enter new extension for %s", channame); + snprintf(tmp, sizeof(tmp), "%s%s", tmp_prefix, channame); if (get_user_input(tmp, dest, sizeof(dest))) return; if ((context = strchr(dest, '@'))) { diff --git a/utils/db1-ast/hash/ndbm.c b/utils/db1-ast/hash/ndbm.c index d702f737ae..16202eda0a 100644 --- a/utils/db1-ast/hash/ndbm.c +++ b/utils/db1-ast/hash/ndbm.c @@ -79,7 +79,7 @@ dbm_open(file, flags, mode) info.cachesize = 0; info.hash = NULL; info.lorder = 0; - (void)strncpy(path, file, len - 1); + (void)strcpy(path, file); /* SAFE */ (void)strncat(path, DBM_SUFFIX, len - strlen(path) - 1); db = (DBM *)__hash_open(path, flags, mode, &info, 0); #ifndef __GNUC__ diff --git a/utils/extconf.c b/utils/extconf.c index 541cbf800d..708a7eac74 100644 --- a/utils/extconf.c +++ b/utils/extconf.c @@ -2918,7 +2918,7 @@ static int process_text_line(struct ast_config *cfg, struct ast_category **cat, char *c; char *cur = buf; struct ast_variable *v; - char cmd[512], exec_file[512]; + char exec_file[512]; int object, do_exec, do_include; /* Actually parse the entry */ @@ -3032,8 +3032,14 @@ static int process_text_line(struct ast_config *cfg, struct ast_category **cat, /* #exec We create a tmp file, then we #include it, then we delete it. */ if (do_exec) { + char cmd[1024]; + snprintf(exec_file, sizeof(exec_file), "/var/tmp/exec.%d.%ld", (int)time(NULL), (long)pthread_self()); - snprintf(cmd, sizeof(cmd), "%s > %s 2>&1", cur, exec_file); + if (snprintf(cmd, sizeof(cmd), "%s > %s 2>&1", cur, exec_file) >= sizeof(cmd)) { + ast_log(LOG_ERROR, "Failed to construct command string to execute %s.\n", cur); + + return -1; + } ast_safe_system(cmd); cur = exec_file; } else