[Freeswitch-dev] bug of switch_stun_random_string
Fanzhou Zhao
fanzhou at gmail.com
Tue Aug 22 06:52:55 EDT 2006
in the function switch_stun_random_string, there are two bugs.
1. the 2nd parameter len is uint16_t type, while the local varible x is
uint8_t type. If sometimes len is larger than 0xFF, the for loop will
be infinite loop.
2. anyway, after this function, there would be no "a" in the buf.
Please see the changes as followed.
Index: freeswitch/src/switch_stun.c
===================================================================
--- freeswitch/src/switch_stun.c (revision 0)
+++ freeswitch/src/switch_stun.c (working copy)
@@ -91,18 +91,18 @@
{
char chars[] =
"abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
int max;
- uint8_t x;
+ uint16_t x;
if (!set) {
set = chars;
}
- max = (int)strlen(set) - 1;
+ max = (int)strlen(set);
srand((unsigned int)apr_time_now());
for(x = 0; x < len; x++) {
- int j = 1+(int)(max*1.0*rand()/(RAND_MAX+1.0));
+ int j = (int)(max*1.0*rand()/(RAND_MAX+1.0));
buf[x] = set[j];
}
}
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-dev/attachments/20060822/231625d3/attachment.html
More information about the Freeswitch-dev
mailing list