mirror of
https://github.com/signalwire/freeswitch.git
synced 2026-07-04 19:31:56 +00:00
22de26cc7c
* [libesl] Validate `Content-Length` in `esl_recv_event`. `atol()` accepted negative values, allowing a remote ESL peer to cause a one-byte heap underwrite (`Content-Length: -1`) or NULL-pointer dereference (`Content-Length: -2`, since `esl_assert` compiles out under `NDEBUG`). Reject negative and oversized values, and check `malloc` failure instead of relying on `assert`. Cap at `ESL_MAX_CONTENT_LENGTH` (16 MiB). * [libesl] Add test_recv_event.
12 lines
349 B
Makefile
12 lines
349 B
Makefile
AUTOMAKE_OPTIONS = foreign
|
|
|
|
if BUILD_TESTS
|
|
noinst_PROGRAMS = test_recv_event
|
|
TESTS = $(noinst_PROGRAMS)
|
|
|
|
test_recv_event_SOURCES = test_recv_event.c
|
|
test_recv_event_CFLAGS = $(AM_CFLAGS) -I$(switch_srcdir)/libs/esl/src/include
|
|
test_recv_event_LDADD = $(top_builddir)/libs/esl/libesl.la
|
|
test_recv_event_LDFLAGS = $(AM_LDFLAGS) -lpthread -lm
|
|
endif
|