[asterisk-bugs] [Asterisk 0016291]: app_voicemail.c strip_control() strips more than just control chars

Asterisk Bug Tracker noreply at bugs.digium.com
Fri Nov 20 08:22:20 CST 2009


The following issue has been UPDATED. 
====================================================================== 
https://issues.asterisk.org/view.php?id=16291 
====================================================================== 
Reported By:                wdoekes
Assigned To:                
====================================================================== 
Project:                    Asterisk
Issue ID:                   16291
Category:                   Applications/app_voicemail
Reproducibility:            always
Severity:                   trivial
Priority:                   normal
Status:                     acknowledged
Asterisk Version:           SVN 
JIRA:                        
Regression:                 No 
Reviewboard Link:            
SVN Branch (only for SVN checkouts, not tarball releases): N/A 
SVN Revision (number only!):  
Request Review:              
====================================================================== 
Date Submitted:             2009-11-20 05:25 CST
Last Modified:              2009-11-20 08:22 CST
====================================================================== 
Summary:                    app_voicemail.c strip_control() strips more than
just control chars
Description: 
In app_voicemail.c in the function strip_control, the following check is
done:

static char *strip_control(const char *input, char *buf, size_t buflen)
{
        char *bufptr = buf;
        for (; *input; input++) {
                if (*input < 32) {
                        continue;

On many platforms, char is signed by default.
This way not only control characters, but also all characters above 127
are filtered as well.

This could be considered intended behaviour to make sure the Subject and
X-headers get 7-bit clean data, but as there also is a ast_str_encode_mime
to encode >127 chars according to a selected character set, it looks more
like a bug.

Suggested fix:
- Either rename strip_control to strip_control_and_high,
- Or cast (*input) to (unsigned char) in the comparison and add
ast_str_encode_mime calls to the X-headers where enc_cidnum and enc_cidname
are used.


Regards,
Walter Doekes
OSSO B.V.
====================================================================== 

Issue History 
Date Modified    Username       Field                    Change               
====================================================================== 
2009-11-20 08:22 lmadsen        OS                       all =>              
2009-11-20 08:22 lmadsen        os_build                 all =>              
2009-11-20 08:22 lmadsen        Platform                 many =>             
2009-11-20 08:22 lmadsen        version                  1.6.1.10 =>         
2009-11-20 08:22 lmadsen        Build                    svn =>              
2009-11-20 08:22 lmadsen        Description Updated                          
======================================================================




More information about the asterisk-bugs mailing list