diff options
| author | tilghman <tilghman@f38db490-d61c-443f-a65b-d21fe96a405b> | 2011-05-02 19:15:46 +0000 |
|---|---|---|
| committer | tilghman <tilghman@f38db490-d61c-443f-a65b-d21fe96a405b> | 2011-05-02 19:15:46 +0000 |
| commit | ece0fb2c41b653eaa0b4d2912a3acf66ef93221d (patch) | |
| tree | 0343e40b4dabf80eca787ebacb3ee5c1b50463cc | |
| parent | d6587fa72514d1322efd83c361f27cda8544f2d0 (diff) | |
Merged revisions 316094 via svnmerge from
https://origsvn.digium.com/svn/asterisk/branches/1.8
................
r316094 | tilghman | 2011-05-02 14:09:55 -0500 (Mon, 02 May 2011) | 15 lines
Merged revisions 316093 via svnmerge from
https://origsvn.digium.com/svn/asterisk/branches/1.6.2
........
r316093 | tilghman | 2011-05-02 14:04:36 -0500 (Mon, 02 May 2011) | 8 lines
More possible crashes based upon invalid inputs.
(closes issue #18161)
Reported by: wdoekes
Patches:
20110301__issue18161.diff.txt uploaded by tilghman (license 14)
Tested by: wdoekes
........
................
git-svn-id: http://svn.digium.com/svn/asterisk/trunk@316095 f38db490-d61c-443f-a65b-d21fe96a405b
| -rw-r--r-- | funcs/func_curl.c | 17 |
1 files changed, 11 insertions, 6 deletions
diff --git a/funcs/func_curl.c b/funcs/func_curl.c index e5784652f..24f6fd923 100644 --- a/funcs/func_curl.c +++ b/funcs/func_curl.c @@ -582,6 +582,10 @@ static int acf_curl_helper(struct ast_channel *chan, const char *cmd, char *info *buf = '\0'; } + if (!str) { + return -1; + } + if (ast_strlen_zero(info)) { ast_log(LOG_WARNING, "CURL requires an argument (URL)\n"); ast_free(str); @@ -651,21 +655,22 @@ static int acf_curl_helper(struct ast_channel *chan, const char *cmd, char *info int rowcount = 0; while (fields && values && (piece = strsep(&remainder, "&"))) { char *name = strsep(&piece, "="); - if (!piece) { - piece = ""; - } /* Do this before the decode, because if something has encoded * a literal plus-sign, we don't want to translate that to a * space. */ if (hashcompat == HASHCOMPAT_LEGACY) { - ast_uri_decode(piece, ast_uri_http_legacy); + if (piece) { + ast_uri_decode(piece, ast_uri_http_legacy); + } ast_uri_decode(name, ast_uri_http_legacy); } else { - ast_uri_decode(piece, ast_uri_http); + if (piece) { + ast_uri_decode(piece, ast_uri_http); + } ast_uri_decode(name, ast_uri_http); } ast_str_append(&fields, 0, "%s%s", rowcount ? "," : "", name); - ast_str_append(&values, 0, "%s%s", rowcount ? "," : "", piece); + ast_str_append(&values, 0, "%s%s", rowcount ? "," : "", S_OR(piece, "")); rowcount++; } pbx_builtin_setvar_helper(chan, "~ODBCFIELDS~", ast_str_buffer(fields)); |