From 5651afcdaad287c6d0366b573568a4c9ddbb6ee0 Mon Sep 17 00:00:00 2001
From: "Kevin P. Fleming" <kpfleming@digium.com>
Date: Wed, 8 Oct 2008 22:26:55 +0000
Subject: [PATCH] Merged revisions 147681 via svnmerge from
 https://origsvn.digium.com/svn/asterisk/branches/1.4

........
  r147681 | kpfleming | 2008-10-08 17:22:09 -0500 (Wed, 08 Oct 2008) | 3 lines

  when parsing a text configuration option, ensure that the buffer on the stack is actually large enough to hold the legal values of that option, and also ensure that sscanf() knows to stop parsing if it would overrun the buffer (without these changes, specifying "buffers=...,immediate" would overflow the buffer on the stack, and could not have worked as expected)
........


git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@147689 65c4cc65-6c06-0410-ace0-fbb531ad65f3
---
 channels/chan_dahdi.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/channels/chan_dahdi.c b/channels/chan_dahdi.c
index 552b9841d3..9adad9c4d8 100644
--- a/channels/chan_dahdi.c
+++ b/channels/chan_dahdi.c
@@ -13655,8 +13655,9 @@ static int process_dahdi(struct dahdi_chan_conf *confp, const char *cat, struct
  					return -1;
 		} else if (!strcasecmp(v->name, "buffers")) {
 			int res;
-			char policy[8] = "";
-			res = sscanf(v->value, "%d,%s", &confp->chan.buf_no, policy);
+			char policy[21] = "";
+
+			res = sscanf(v->value, "%d,%20s", &confp->chan.buf_no, policy);
 			if (res != 2) {
 				ast_log(LOG_WARNING, "Parsing buffers option data failed, using defaults.\n");
 				confp->chan.buf_no = numbufs;
-- 
GitLab