Function of a prototype:
static int parse_expression(char *str, expression **e, expression **e_exceptions)

in OpenSER 1.1.0 (SIP router implementation) is vulnerable to buffer overflow as /str/ might be longer than the destination (where it is coppied to).

[ reply ]