diff options
author | markster <markster@f38db490-d61c-443f-a65b-d21fe96a405b> | 2004-07-14 13:57:15 +0000 |
---|---|---|
committer | markster <markster@f38db490-d61c-443f-a65b-d21fe96a405b> | 2004-07-14 13:57:15 +0000 |
commit | 5d8654361451b217b1fc604f449554e74a11b70b (patch) | |
tree | 30a1118273807f5c6ba0e3ca611ab0c6a160fa3b /cdr | |
parent | 3aea726c3943cf31d2d90c194d1e126891b1481d (diff) |
Merge remaining audit patch (save dlfcn.c)
git-svn-id: http://svn.digium.com/svn/asterisk/trunk@3436 f38db490-d61c-443f-a65b-d21fe96a405b
Diffstat (limited to 'cdr')
-rwxr-xr-x | cdr/cdr_csv.c | 66 | ||||
-rwxr-xr-x | cdr/cdr_odbc.c | 17 | ||||
-rwxr-xr-x | cdr/cdr_pgsql.c | 23 | ||||
-rwxr-xr-x | cdr/cdr_sqlite.c | 2 |
4 files changed, 57 insertions, 51 deletions
diff --git a/cdr/cdr_csv.c b/cdr/cdr_csv.c index 8c553db68..a1d391cfb 100755 --- a/cdr/cdr_csv.c +++ b/cdr/cdr_csv.c @@ -71,16 +71,16 @@ static char *name = "csv"; static FILE *mf = NULL; -static int append_string(char *buf, char *s, int len) +static int append_string(char *buf, char *s, size_t bufsize) { int pos = strlen(buf); int spos = 0; int error = 0; - if (pos >= len - 4) + if (pos >= bufsize - 4) return -1; buf[pos++] = '\"'; error = -1; - while(pos < len - 3) { + while(pos < bufsize - 3) { if (!s[spos]) { error = 0; break; @@ -96,87 +96,87 @@ static int append_string(char *buf, char *s, int len) return error; } -static int append_int(char *buf, int s, int len) +static int append_int(char *buf, int s, size_t bufsize) { char tmp[32]; int pos = strlen(buf); snprintf(tmp, sizeof(tmp), "%d", s); - if (pos + strlen(tmp) > len - 3) + if (pos + strlen(tmp) > bufsize - 3) return -1; - strncat(buf, tmp, len); + strncat(buf, tmp, bufsize - strlen(buf) - 1); pos = strlen(buf); buf[pos++] = ','; buf[pos++] = '\0'; return 0; } -static int append_date(char *buf, struct timeval tv, int len) +static int append_date(char *buf, struct timeval tv, size_t bufsize) { - char tmp[80]; + char tmp[80] = ""; struct tm tm; time_t t; t = tv.tv_sec; - if (strlen(buf) > len - 3) + if (strlen(buf) > bufsize - 3) return -1; if (!tv.tv_sec && !tv.tv_usec) { - strncat(buf, ",", len); + strncat(buf, ",", bufsize - strlen(buf) - 1); return 0; } localtime_r(&t,&tm); strftime(tmp, sizeof(tmp), DATE_FORMAT, &tm); - return append_string(buf, tmp, len); + return append_string(buf, tmp, bufsize); } -static int build_csv_record(char *buf, int len, struct ast_cdr *cdr) +static int build_csv_record(char *buf, size_t bufsize, struct ast_cdr *cdr) { buf[0] = '\0'; /* Account code */ - append_string(buf, cdr->accountcode, len); + append_string(buf, cdr->accountcode, bufsize); /* Source */ - append_string(buf, cdr->src, len); + append_string(buf, cdr->src, bufsize); /* Destination */ - append_string(buf, cdr->dst, len); + append_string(buf, cdr->dst, bufsize); /* Destination context */ - append_string(buf, cdr->dcontext, len); + append_string(buf, cdr->dcontext, bufsize); /* Caller*ID */ - append_string(buf, cdr->clid, len); + append_string(buf, cdr->clid, bufsize); /* Channel */ - append_string(buf, cdr->channel, len); + append_string(buf, cdr->channel, bufsize); /* Destination Channel */ - append_string(buf, cdr->dstchannel, len); + append_string(buf, cdr->dstchannel, bufsize); /* Last Application */ - append_string(buf, cdr->lastapp, len); + append_string(buf, cdr->lastapp, bufsize); /* Last Data */ - append_string(buf, cdr->lastdata, len); + append_string(buf, cdr->lastdata, bufsize); /* Start Time */ - append_date(buf, cdr->start, len); + append_date(buf, cdr->start, bufsize); /* Answer Time */ - append_date(buf, cdr->answer, len); + append_date(buf, cdr->answer, bufsize); /* End Time */ - append_date(buf, cdr->end, len); + append_date(buf, cdr->end, bufsize); /* Duration */ - append_int(buf, cdr->duration, len); + append_int(buf, cdr->duration, bufsize); /* Billable seconds */ - append_int(buf, cdr->billsec, len); + append_int(buf, cdr->billsec, bufsize); /* Disposition */ - append_string(buf, ast_cdr_disp2str(cdr->disposition), len); + append_string(buf, ast_cdr_disp2str(cdr->disposition), bufsize); /* AMA Flags */ - append_string(buf, ast_cdr_flags2str(cdr->amaflags), len); + append_string(buf, ast_cdr_flags2str(cdr->amaflags), bufsize); #ifdef CSV_LOGUNIQUEID /* Unique ID */ - append_string(buf, cdr->uniqueid, len); + append_string(buf, cdr->uniqueid, bufsize); #endif #ifdef CSV_LOGUSERFIELD /* append the user field */ - append_string(buf, cdr->userfield,len); + append_string(buf, cdr->userfield,bufsize); #endif /* If we hit the end of our buffer, log an error */ - if (strlen(buf) < len - 5) { + if (strlen(buf) < bufsize - 5) { /* Trim off trailing comma */ buf[strlen(buf) - 1] = '\0'; - strncat(buf, "\n", len); + strncat(buf, "\n", bufsize - strlen(buf) - 1); return 0; } return -1; @@ -205,7 +205,7 @@ static int csv_log(struct ast_cdr *cdr) /* Make sure we have a big enough buf */ char buf[1024]; char csvmaster[AST_CONFIG_MAX_PATH]; - snprintf((char *)csvmaster,sizeof(csvmaster)-1,"%s/%s/%s",(char *)ast_config_AST_LOG_DIR,CSV_LOG_DIR,CSV_MASTER); + snprintf(csvmaster, sizeof(csvmaster),"%s/%s/%s", ast_config_AST_LOG_DIR, CSV_LOG_DIR, CSV_MASTER); #if 0 printf("[CDR] %s ('%s' -> '%s') Dur: %ds Bill: %ds Disp: %s Flags: %s Account: [%s]\n", cdr->channel, cdr->src, cdr->dst, cdr->duration, cdr->billsec, ast_cdr_disp2str(cdr->disposition), ast_cdr_flags2str(cdr->amaflags), cdr->accountcode); #endif diff --git a/cdr/cdr_odbc.c b/cdr/cdr_odbc.c index 6cfe62211..e52730f2e 100755 --- a/cdr/cdr_odbc.c +++ b/cdr/cdr_odbc.c @@ -56,25 +56,25 @@ static int odbc_log(struct ast_cdr *cdr) short int ODBC_mlen; int ODBC_res; char ODBC_msg[200], ODBC_stat[10]; - char sqlcmd[2048], timestr[128]; + char sqlcmd[2048] = "", timestr[128]; int res = 0; struct tm tm; localtime_r(&cdr->start.tv_sec,&tm); ast_mutex_lock(&odbc_lock); - strftime(timestr,128,DATE_FORMAT,&tm); + strftime(timestr, sizeof(timestr), DATE_FORMAT, &tm); memset(sqlcmd,0,2048); if((loguniqueid != NULL) && ((strcmp(loguniqueid, "1") == 0) || (strcmp(loguniqueid, "yes") == 0))) { - sprintf(sqlcmd,"INSERT INTO cdr " + snprintf(sqlcmd,sizeof(sqlcmd),"INSERT INTO cdr " "(calldate,clid,src,dst,dcontext,channel,dstchannel,lastapp," "lastdata,duration,billsec,disposition,amaflags,accountcode,uniqueid,userfield) " "VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?)"); } else { - sprintf(sqlcmd,"INSERT INTO cdr " + snprintf(sqlcmd,sizeof(sqlcmd),"INSERT INTO cdr " "(calldate,clid,src,dst,dcontext,channel,dstchannel,lastapp,lastdata," "duration,billsec,disposition,amaflags,accountcode) " "VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?,?)"); @@ -264,8 +264,9 @@ static int odbc_load_module(void) dsn = malloc(strlen(tmp) + 1); if (dsn != NULL) { + memset(dsn, 0, strlen(tmp) + 1); dsn_alloc = 1; - strcpy(dsn,tmp); + strncpy(dsn, tmp, strlen(tmp)); } else { @@ -285,8 +286,9 @@ static int odbc_load_module(void) username = malloc(strlen(tmp) + 1); if (username != NULL) { + memset(username, 0, strlen(tmp) + 1); username_alloc = 1; - strcpy(username,tmp); + strncpy(username, tmp, strlen(tmp)); } else { @@ -306,8 +308,9 @@ static int odbc_load_module(void) password = malloc(strlen(tmp) + 1); if (password != NULL) { + memset(password, 0, strlen(tmp) + 1); password_alloc = 1; - strcpy(password,tmp); + strncpy(password, tmp, strlen(tmp)); } else { diff --git a/cdr/cdr_pgsql.c b/cdr/cdr_pgsql.c index 902136c04..15a5f0efc 100755 --- a/cdr/cdr_pgsql.c +++ b/cdr/cdr_pgsql.c @@ -49,15 +49,13 @@ PGresult *result; static int pgsql_log(struct ast_cdr *cdr) { struct tm tm; - char sqlcmd[2048], timestr[128]; + char sqlcmd[2048] = "", timestr[128]; char *pgerror; ast_mutex_lock(&pgsql_lock); - memset(sqlcmd,0,2048); - localtime_r(&cdr->start.tv_sec,&tm); - strftime(timestr,128,DATE_FORMAT,&tm); + strftime(timestr, sizeof(timestr), DATE_FORMAT, &tm); if ((!connected) && pghostname && pgdbuser && pgpassword && pgdbname) { conn = PQsetdbLogin(pghostname, pgdbport, NULL, NULL, pgdbname, pgdbuser, pgpassword); @@ -101,7 +99,7 @@ static int pgsql_log(struct ast_cdr *cdr) ast_log(LOG_DEBUG,"cdr_pgsql: inserting a CDR record.\n"); - sprintf(sqlcmd,"INSERT INTO cdr (calldate,clid,src,dst,dcontext,channel,dstchannel,lastapp,lastdata,duration,billsec,disposition,amaflags,accountcode,uniqueid,userfield) VALUES ('%s','%s','%s','%s','%s', '%s','%s','%s','%s',%i,%i,'%s',%i,'%s','%s','%s')",timestr,clid,cdr->src, cdr->dst, dcontext,channel, dstchannel, lastapp, lastdata,cdr->duration,cdr->billsec,ast_cdr_disp2str(cdr->disposition),cdr->amaflags, cdr->accountcode, uniqueid, userfield); + snprintf(sqlcmd,sizeof(sqlcmd),"INSERT INTO cdr (calldate,clid,src,dst,dcontext,channel,dstchannel,lastapp,lastdata,duration,billsec,disposition,amaflags,accountcode,uniqueid,userfield) VALUES ('%s','%s','%s','%s','%s', '%s','%s','%s','%s',%i,%i,'%s',%i,'%s','%s','%s')",timestr,clid,cdr->src, cdr->dst, dcontext,channel, dstchannel, lastapp, lastdata,cdr->duration,cdr->billsec,ast_cdr_disp2str(cdr->disposition),cdr->amaflags, cdr->accountcode, uniqueid, userfield); ast_log(LOG_DEBUG,"cdr_pgsql: SQL command executed: %s\n",sqlcmd); /* Test to be sure we're still connected... */ @@ -204,8 +202,9 @@ static int my_load_module(void) if (tmp) { pghostname = malloc(strlen(tmp) + 1); if (pghostname != NULL) { + memset(pghostname, 0, strlen(tmp) + 1); hostname_alloc = 1; - strcpy(pghostname,tmp); + strncpy(pghostname, tmp, strlen(tmp)); } else { ast_log(LOG_ERROR,"Out of memory error.\n"); return -1; @@ -219,8 +218,9 @@ static int my_load_module(void) if (tmp) { pgdbname = malloc(strlen(tmp) + 1); if (pgdbname != NULL) { + memset(pgdbname, 0, strlen(tmp) + 1); dbname_alloc = 1; - strcpy(pgdbname,tmp); + strncpy(pgdbname, tmp, strlen(tmp)); } else { ast_log(LOG_ERROR,"Out of memory error.\n"); return -1; @@ -234,8 +234,9 @@ static int my_load_module(void) if (tmp) { pgdbuser = malloc(strlen(tmp) + 1); if (pgdbuser != NULL) { + memset(pgdbuser, 0, strlen(tmp) + 1); dbuser_alloc = 1; - strcpy(pgdbuser,tmp); + strncpy(pgdbuser, tmp, strlen(tmp)); } else { ast_log(LOG_ERROR,"Out of memory error.\n"); return -1; @@ -249,8 +250,9 @@ static int my_load_module(void) if (tmp) { pgpassword = malloc(strlen(tmp) + 1); if (pgpassword != NULL) { + memset(pgpassword, 0, strlen(tmp) + 1); password_alloc = 1; - strcpy(pgpassword,tmp); + strncpy(pgpassword, tmp, strlen(tmp)); } else { ast_log(LOG_ERROR,"Out of memory error.\n"); return -1; @@ -264,8 +266,9 @@ static int my_load_module(void) if (tmp) { pgdbport = malloc(strlen(tmp) + 1); if (pgdbport != NULL) { + memset(pgdbport, 0, strlen(tmp) + 1); dbport_alloc = 1; - strcpy(pgdbport,tmp); + strncpy(pgdbport, tmp, strlen(tmp)); } else { ast_log(LOG_ERROR,"Out of memory error.\n"); return -1; diff --git a/cdr/cdr_sqlite.c b/cdr/cdr_sqlite.c index b63273263..adfc81b53 100755 --- a/cdr/cdr_sqlite.c +++ b/cdr/cdr_sqlite.c @@ -162,7 +162,7 @@ int load_module(void) int res; /* is the database there? */ - snprintf((char *)fn,sizeof(fn)-1,"%s/cdr.db",(char *)ast_config_AST_LOG_DIR); + snprintf(fn, sizeof(fn), "%s/cdr.db", ast_config_AST_LOG_DIR); db = sqlite_open(fn, 0660, &zErr); if (!db) { ast_log(LOG_ERROR, "cdr_sqlite: %s\n", zErr); |