From 8fe45f0f0aec2b8f422e992336f23fa5fbe4adbe Mon Sep 17 00:00:00 2001
From: Scott Griepentrog <sgriepentrog@digium.com>
Date: Tue, 9 Dec 2014 20:47:05 +0000
Subject: [PATCH] core: avoid possible asterisk -r crash from long id

When connecting to the remote console, an id string
is first provided that consts of the hostname, pid,
and version.  This is parsed by the remote instance
using a buffer that may be too short, and can allow
a buffer overrun because it is not terminated. This
patch adds termination and a larger buffer.

Review: https://reviewboard.asterisk.org/r/4182/
........

Merged revisions 429223 from http://svn.asterisk.org/svn/asterisk/branches/13


git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@429224 65c4cc65-6c06-0410-ace0-fbb531ad65f3
---
 main/asterisk.c |    4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/main/asterisk.c b/main/asterisk.c
index 1c69942..0a5ab13 100644
--- a/main/asterisk.c
+++ b/main/asterisk.c
@@ -3200,7 +3200,7 @@ static int ast_el_read_history(char *filename)
 
 static void ast_remotecontrol(char *data)
 {
-	char buf[80];
+	char buf[256] = "";
 	int res;
 	char filename[80] = "";
 	char *hostname;
@@ -3217,7 +3217,7 @@ static void ast_remotecontrol(char *data)
 	signal(SIGTERM, __remote_quit_handler);
 	signal(SIGHUP, __remote_quit_handler);
 
-	if (read(ast_consock, buf, sizeof(buf)) < 0) {
+	if (read(ast_consock, buf, sizeof(buf) - 1) < 0) {
 		ast_log(LOG_ERROR, "read() failed: %s\n", strerror(errno));
 		return;
 	}
-- 
1.7.9.5