core: avoid possible asterisk -r crash from long id

When connecting to the remote console, an id string is first provided that consts of the hostname, pid, and version. This is parsed by the remote instance using a buffer that may be too short, and can allow a buffer overrun because it is not terminated. This patch adds termination and a larger buffer. Review: https://reviewboard.asterisk.org/r/4182/ AFS-254 ........ Merged revisions 429223 from http://svn.asterisk.org/svn/asterisk/branches/13 git-svn-id: https://origsvn.digium.com/svn/asterisk/certified/branches/13.1@433918 65c4cc65-6c06-0410-ace0-fbb531ad65f3
10 years ago · b6fff2719d
parent 8ae3670781
commit b6fff2719d
1 changed files with 2 additions and 2 deletions
--- a/main/asterisk.c
+++ b/main/asterisk.c
@ -3299,7 +3299,7 @@ static int ast_el_read_history(char *filename)

 static void ast_remotecontrol(char *data)
 {
-	char buf[80];
+	char buf[256] = "";
 	int res;
 	char filename[80] = "";
 	char *hostname;
@ -3316,7 +3316,7 @@ static void ast_remotecontrol(char *data)
 	signal(SIGTERM, __remote_quit_handler);
 	signal(SIGHUP, __remote_quit_handler);

-	if (read(ast_consock, buf, sizeof(buf)) < 0) {
+	if (read(ast_consock, buf, sizeof(buf) - 1) < 0) {
 		ast_log(LOG_ERROR, "read() failed: %s\n", strerror(errno));
 		return;
 	}