diff options
| author | tilghman <tilghman@f38db490-d61c-443f-a65b-d21fe96a405b> | 2009-09-16 23:52:09 +0000 |
|---|---|---|
| committer | tilghman <tilghman@f38db490-d61c-443f-a65b-d21fe96a405b> | 2009-09-16 23:52:09 +0000 |
| commit | a60d260ad9fc8f53a91716e94594b064d717f0ff (patch) | |
| tree | 08638a03dc430e9ed02fc4bb167fc64cceca54a7 /main | |
| parent | 684f1d98af74688b5d87d486344dc9bdc8622539 (diff) | |
Merged revisions 219061 via svnmerge from
https://origsvn.digium.com/svn/asterisk/trunk
................
r219061 | tilghman | 2009-09-16 18:42:12 -0500 (Wed, 16 Sep 2009) | 15 lines
Merged revisions 219023 via svnmerge from
https://origsvn.digium.com/svn/asterisk/branches/1.4
........
r219023 | tilghman | 2009-09-16 18:21:53 -0500 (Wed, 16 Sep 2009) | 8 lines
Properly deal with quotes in the arguments of '#exec' includes.
(closes issue #15583)
Reported by: pkempgen
Patches:
20090726__issue15583.diff.txt uploaded by tilghman (license 14)
20090726__issue15583-1.4-4.diff.txt uploaded by pkempgen (license 169)
Tested by: pkempgen
........
................
git-svn-id: http://svn.digium.com/svn/asterisk/branches/1.6.1@219062 f38db490-d61c-443f-a65b-d21fe96a405b
Diffstat (limited to 'main')
| -rw-r--r-- | main/config.c | 30 |
1 files changed, 20 insertions, 10 deletions
diff --git a/main/config.c b/main/config.c index 9577c1d43..19d71697b 100644 --- a/main/config.c +++ b/main/config.c @@ -1045,18 +1045,28 @@ static int process_text_line(struct ast_config *cfg, struct ast_category **cat, return 0; /* XXX is this correct ? or we should return -1 ? */ } - /* Strip off leading and trailing "'s and <>'s */ - while ((*c == '<') || (*c == '>') || (*c == '\"')) c++; - /* Get rid of leading mess */ cur = c; - cur2 = cur; - while (!ast_strlen_zero(cur)) { - c = cur + strlen(cur) - 1; - if ((*c == '>') || (*c == '<') || (*c == '\"')) - *c = '\0'; - else - break; + /* Strip off leading and trailing "'s and <>'s */ + if (*c == '"') { + /* Dequote */ + while (*c) { + if (*c == '"') { + strcpy(c, c + 1); /* SAFE */ + c--; + } else if (*c == '\\') { + strcpy(c, c + 1); /* SAFE */ + } + c++; + } + } else if (*c == '<') { + /* C-style include */ + if (*(c + strlen(c) - 1) == '>') { + cur++; + *(c + strlen(c) - 1) = '\0'; + } } + cur2 = cur; + /* #exec </path/to/executable> We create a tmp file, then we #include it, then we delete it. */ if (!do_include) { |