Module: kamailio Branch: master Commit: 7e8a70e9bf3d0b52eae1b7933633095686f234b2 URL: https://github.com/kamailio/kamailio/commit/7e8a70e9bf3d0b52eae1b79336330956...
Author: Victor Seva linuxmaniac@torreviejawireless.org Committer: Victor Seva linuxmaniac@torreviejawireless.org Date: 2023-07-13T00:12:59+02:00
jsonrcps: use strncpy() for setting boundaries
* use strncat()
https://github.com/kamailio/kamailio/security/code-scanning/2381 https://github.com/kamailio/kamailio/security/code-scanning/2380 https://github.com/kamailio/kamailio/security/code-scanning/1843 https://github.com/kamailio/kamailio/security/code-scanning/1841
---
Modified: src/modules/jsonrpcs/jsonrpcs_fifo.c Modified: src/modules/jsonrpcs/jsonrpcs_sock.c
---
Diff: https://github.com/kamailio/kamailio/commit/7e8a70e9bf3d0b52eae1b79336330956... Patch: https://github.com/kamailio/kamailio/commit/7e8a70e9bf3d0b52eae1b79336330956...
---
diff --git a/src/modules/jsonrpcs/jsonrpcs_fifo.c b/src/modules/jsonrpcs/jsonrpcs_fifo.c index f6ff7049890..906deb03334 100644 --- a/src/modules/jsonrpcs/jsonrpcs_fifo.c +++ b/src/modules/jsonrpcs/jsonrpcs_fifo.c @@ -560,10 +560,10 @@ int jsonrpc_fifo_mod_init(void) LM_ERR("no more pkg\n"); return -1; } - strcpy(p, runtime_dir); + strncpy(p, runtime_dir, len); if(sep) strcat(p, "/"); - strcat(p, jsonrpc_fifo); + strncat(p, jsonrpc_fifo, len - strlen(runtime_dir) - sep); jsonrpc_fifo = p; LM_DBG("fifo path is [%s]\n", jsonrpc_fifo); } diff --git a/src/modules/jsonrpcs/jsonrpcs_sock.c b/src/modules/jsonrpcs/jsonrpcs_sock.c index 4c6eb028a69..c73687a8239 100644 --- a/src/modules/jsonrpcs/jsonrpcs_sock.c +++ b/src/modules/jsonrpcs/jsonrpcs_sock.c @@ -205,10 +205,10 @@ int jsonrpc_dgram_mod_init(void) LM_ERR("no more pkg\n"); return -1; } - strcpy(p, runtime_dir); + strncpy(p, runtime_dir, len); if(sep) strcat(p, "/"); - strcat(p, jsonrpc_dgram_socket); + strncat(p, jsonrpc_dgram_socket, len - strlen(runtime_dir) - sep); jsonrpc_dgram_socket = p; LM_DBG("unix socket path is [%s]\n", jsonrpc_dgram_socket); }
-
Victor Seva