#### Pre-Submission Checklist

- [X] Commit message has the format required by CONTRIBUTING guide
- [X] Commits are split per component (core, individual modules, libs, utils, ...)
- [X] Each component has a single commit (if not, squash them into one commit)
- [X] No commits to README files for modules (changes must be done to docbook files in `doc/` subfolder, the README file is autogenerated)

#### Type Of Change

- [X] Small bug fix (non-breaking change which fixes an issue)
- [ ] New feature (non-breaking change which adds new functionality)
- [ ] Breaking change (fix or feature that would change existing functionality)

#### Checklist:

- [ ] PR should be backported to stable branches
- [X] Tested changes locally
- [ ] Related to issue #XXXX (replace XXXX with an open issue number)
#### Description

- remove a variable creation

  Put two variables accessible to the entire function, renaming one to have some clarity. Remove the useless variable.

- Change from using snprintf to memset (no more \0 at last position)

  This fixes a possible memory overflow while using `snprintf`. This also adds a \0 at the end of the structure, so a more direct approach with `memset` was used.

- change the destination of an allocated space being smaller than the source

  Elements were being put into a smaller string; this commit makes the destination bigger than the source.

You can view, comment on, or merge this pull request online at:
https://github.com/kamailio/kamailio/pull/3095
-- Commit Summary --
* pv_headers: fix possible mem. overflow issue and wrong size string
-- File Changes --
M src/modules/pv_headers/pvh_func.c (26)
-- Patch Links --
https://github.com/kamailio/kamailio/pull/3095.patch
https://github.com/kamailio/kamailio/pull/3095.diff
@miconda commented on this pull request.
if (result == NULL || t == NULL) { PKG_MEM_ERROR; goto clean; }
- snprintf(result, elements->len - toRemove->len, "%*s", elements->len - toRemove->len, ""); - snprintf(t, elements->len+1, "%s", elements->s); + memset(result, 32, elements->len - toRemove->len);
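Review bot: the added `memset(result, 32, elements->len - toRemove->len)` writes no terminating `\0`, unlike the `snprintf` call it replaces, yet the later hunk measures this buffer with `strlen(result)`. Unless `result` is terminated somewhere outside the visible lines, that `strlen` reads past the filled region. Nothing visible here checks that `elements->len - toRemove->len` is positive before the call (the `> 0` test only appears further down), and if these lengths are signed, a negative difference converts to a very large `size_t` count. Suggest either dropping the fill or guarding the length first and setting the terminator explicitly, with a comment on why space padding is needed.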
What is the purpose of filling `result` buffer with space (char code `32`)?
}
}
if (elements->len-toRemove->len > 0) { - snprintf(elements->s, elements->len, "%*s", elements->len-toRemove->len, ""); + memset(elements->s, 32, elements->len - toRemove->len); snprintf(elements->s, (strlen(result)%elements->len)+1, "%s", result);
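Review bot: in `snprintf(elements->s, (strlen(result)%elements->len)+1, "%s", result)` the modulo silently changes the outcome once `strlen(result)` reaches `elements->len`: equal lengths yield a size of 1, so `elements->s` becomes an empty string rather than a truncated copy. An explicit bound (the smaller of the two lengths, plus one for the terminator) would state the intent, and it should be tied to the allocated size of `elements->s`, which the visible lines do not show. The added `memset` on the preceding line fills the same buffer that this `snprintf` then overwrites from offset 0, so it only affects bytes after the new terminator; drop it or document why the padding is wanted.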
Another `memset` with char code 32 (space), then `snprintf` in the same buffer.
Maybe it is ok, but `memset` with `space` is quite unusual, therefore asking for further details.
@Tomohare pushed 1 commit.
2dd2daa4756b8efe3cdba07616b39410068b9c5f pv_headers: fix possible mem. overflow issue and wrong size string
@Tomohare commented on this pull request.
if (result == NULL || t == NULL) { PKG_MEM_ERROR; goto clean; }
- snprintf(result, elements->len - toRemove->len, "%*s", elements->len - toRemove->len, ""); - snprintf(t, elements->len+1, "%s", elements->s); + memset(result, 32, elements->len - toRemove->len);
Yes, here this is strange. No need of this line entirely.
@Tomohare commented on this pull request.
}
}
if (elements->len-toRemove->len > 0) { - snprintf(elements->s, elements->len, "%*s", elements->len-toRemove->len, ""); + memset(elements->s, 32, elements->len - toRemove->len); snprintf(elements->s, (strlen(result)%elements->len)+1, "%s", result);
As above, this is not needed here.
@Tomohare were all previous remarks addressed from your latest pushed version? @linuxmaniac any remarks from your side as well?
Merged #3095 into master.