check buffer for possible overflow. Thanks Corydon76 Bug #788
authorJeremy McNamara <jj@nufone.net>
Sun, 11 Jan 2004 18:50:46 +0000 (18:50 +0000)
committerJeremy McNamara <jj@nufone.net>
Sun, 11 Jan 2004 18:50:46 +0000 (18:50 +0000)
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@1951 65c4cc65-6c06-0410-ace0-fbb531ad65f3

channels/chan_sip.c

index 8e96395..fc051d4 100755 (executable)
@@ -4114,7 +4114,11 @@ static int get_msg_text(char *buf, int len, struct sip_request *req)
                y = 0;
        for (x=0;x<req->lines;x++) {
                strncat(buf, req->line[x], y);
-               strcat(buf, "\n");
+               y -= strlen(req->line[x]) + 1;
+               if (y < 0)
+                       y = 0;
+               if (y != 0)
+                       strcat(buf, "\n");
        }
        return 0;
 }