Browse code

Fix bug which causes an error during the convertion from string to timeb

- add buffer in time_from_string. copy given string into buffer and finish it with '\0' to use c-string functions correctly.

Sven Knoblich authored on 14/09/2011 12:43:32
Showing 1 changed files
... ...
@@ -46,6 +46,8 @@
46 46
 
47 47
 #include <sys/timeb.h>
48 48
 
49
+#define TIME_STR_BUFFER_SIZE 20
50
+
49 51
 struct dlg_binds dlgb;
50 52
 struct acc_extra* cdr_extra = NULL;
51 53
 int cdr_facility = LOG_DAEMON;
... ...
@@ -196,37 +198,49 @@ static int write_cdr( struct dlg_cell* dialog,
196 198
 
197 199
 /* convert a string into a timeb struct */
198 200
 static struct timeb time_from_string( str* time_value)
199
-{
200
-    char* point_adresse = NULL;
201
-    int point_position = -1;
201
+{    
202
+    char* dot_adress = NULL;
203
+    int dot_position = -1;
204
+    char zero_terminated_value[TIME_STR_BUFFER_SIZE];
202 205
 
203 206
     if( !time_value)
204 207
     {
205 208
         LM_ERR( "time_value is empty!");
206 209
         return time_error;
207 210
     }
208
-
209
-    point_adresse = strchr( time_value->s, time_separator);
210
-
211
-    if( !point_adresse)
211
+    
212
+    if( time_value->len >= TIME_STR_BUFFER_SIZE)
213
+    {
214
+        LM_ERR( "time_value is to long %d >= %d!", 
215
+		time_value->len, 
216
+		TIME_STR_BUFFER_SIZE);
217
+        return time_error;
218
+    }
219
+    
220
+    memcpy( zero_terminated_value, time_value->s, time_value->len);
221
+    zero_terminated_value[time_value->len] = '\0';
222
+    
223
+    dot_adress = strchr( zero_terminated_value, time_separator);
224
+    
225
+    if( !dot_adress)
212 226
     {
213 227
         LM_ERR( "failed to find separator('%c') in '%s'!\n",
214 228
                 time_separator,
215
-                time_value->s);
229
+                zero_terminated_value);
216 230
         return time_error;
217 231
     }
218
-
219
-    point_position = point_adresse-time_value->s + 1;
220
-
221
-    if( point_position >= strlen(time_value->s) ||
222
-        strchr(point_adresse + 1, time_separator))
232
+    
233
+    dot_position = dot_adress-zero_terminated_value + 1;
234
+    
235
+    if( dot_position >= strlen(zero_terminated_value) ||
236
+        strchr(dot_adress + 1, time_separator))
223 237
     {
224
-        LM_ERR( "invalid time-string '%s'\n", time_value->s);
238
+        LM_ERR( "invalid time-string '%s'\n", zero_terminated_value);
225 239
         return time_error;
226 240
     }
227
-
228
-    return (struct timeb) { atoi( time_value->s),
229
-                            atoi( point_adresse + 1),
241
+    
242
+    return (struct timeb) { atoi( zero_terminated_value),
243
+                            atoi( dot_adress + 1),
230 244
                             0,
231 245
                             0};
232 246
 }