mgcp: Address scanf issue already found by cppcheck and now ASAN
Use the right size for scanf. ================================================================= ==6106== ERROR: AddressSanitizer: unknown-crash on address 0xbffff4b0 at pc 0xb69d87fd bp 0xbffff248 sp 0xbffff21c WRITE of size 65 at 0xbffff4b0 thread T0 #0 0xb69d87fc (/usr/lib/i386-linux-gnu/libasan.so.0.0.0+0xa7fc) #1 0xb69d9239 (/usr/lib/i386-linux-gnu/libasan.so.0.0.0+0xb239) #2 0xb69d92d6 (/usr/lib/i386-linux-gnu/libasan.so.0.0.0+0xb2d6) #3 0x804f151 (/home/ich/source/gsm/openbsc/openbsc/tests/mgcp/mgcp_test+0x804f151) #4 0x80531e8 (/home/ich/source/gsm/openbsc/openbsc/tests/mgcp/mgcp_test+0x80531e8) #5 0x8051e6f (/home/ich/source/gsm/openbsc/openbsc/tests/mgcp/mgcp_test+0x8051e6f) #6 0x8049b0a (/home/ich/source/gsm/openbsc/openbsc/tests/mgcp/mgcp_test+0x8049b0a) #7 0x804bd9e (/home/ich/source/gsm/openbsc/openbsc/tests/mgcp/mgcp_test+0x804bd9e) #8 0xb6778a62 (/lib/i386-linux-gnu/i686/cmov/libc-2.18.so+0x19a62) #9 0x8049330 (/home/ich/source/gsm/openbsc/openbsc/tests/mgcp/mgcp_test+0x8049330) Address 0xbffff4b0 is located at offset 416 in frame <parse_sdp_data> of T0's stack: This frame has 8 object(s): [32, 36) 'audio_payload' [96, 100) 'payload' [160, 164) 'channels' [224, 228) 'ptime' [288, 292) 'port' [352, 368) 'ipv4' [416, 480) 'audio_name' [512, 576) 'audio_codec' HINT: this may be a false positive if your program uses some custom stack unwind mechanism or swapcontext (longjmp and C++ exceptions *are*
This commit is contained in:
parent
b691bf1d54
commit
4f0381b1c3
|
@ -621,7 +621,7 @@ static int parse_sdp_data(struct mgcp_rtp_end *rtp, struct mgcp_parse_data *p)
|
|||
if (audio_payload == -1)
|
||||
break;
|
||||
|
||||
if (sscanf(line, "a=rtpmap:%d %64s",
|
||||
if (sscanf(line, "a=rtpmap:%d %63s",
|
||||
&payload, audio_name) == 2) {
|
||||
if (payload != audio_payload)
|
||||
break;
|
||||
|
|
Loading…
Reference in New Issue