[asterisk-bugs] [Asterisk 0018839]: A voicemail password that starts with a '*' results in a invalid mailbox
Asterisk Bug Tracker
noreply at bugs.digium.com
Fri Feb 18 14:49:44 CST 2011
A NOTE has been added to this issue.
======================================================================
https://issues.asterisk.org/view.php?id=18839
======================================================================
Reported By: nivek
Assigned To:
======================================================================
Project: Asterisk
Issue ID: 18839
Category: Applications/app_voicemail
Reproducibility: always
Severity: minor
Priority: normal
Status: acknowledged
Asterisk Version: 1.8.2.3
JIRA: SWP-3135
Regression: No
Reviewboard Link:
SVN Branch (only for SVN checkouts, not tarball releases): 1.8
SVN Revision (number only!):
Request Review:
======================================================================
Date Submitted: 2011-02-18 07:59 CST
Last Modified: 2011-02-18 14:49 CST
======================================================================
Summary: A voicemail password that starts with a '*' results
in a invalid mailbox
Description:
If a VM user wishes to use a '*' in a voicemail password, it will be
accepted. But when attempting to retrieve VM messages...you will be
properly authenticated when entering the VM password that begins with a
'*', but the resulting voicemail box storage path becomes
/var/spool/asterisk/<context>//INBOX not
/var/spool/asterisk/<context>/<vmbox>/INBOX.
======================================================================
----------------------------------------------------------------------
(0132178) nivek (reporter) - 2011-02-18 14:49
https://issues.asterisk.org/view.php?id=18839#c132178
----------------------------------------------------------------------
I never have either. Users always fine ways to screw with my brain. This
took me awhile to debug.
The only time it happens is if the '*' is the first character.
The code snip from app_queue.c shows why it does it...
9629 } else if (password[0] == '*') {
9630 /* user entered '*' */
9631 if (ast_exists_extension(chan, chan->context, "a", 1,
9632 S_COR(chan->caller.id.number.valid,
chan->caller.id.number.str, NULL))) {
9633 mailbox[0] = '*';
9634 return -1;
9635 }
9636 mailbox[0] = '\0'; <- that's the killer
9637 }
So changing the password[0] == '*' would be the place to do it...
example: strlen(password) == 1 && !strcmp(password, "*")
I know, use the ast_ functions I am just doing a quick and dirty example.
I would not think you could use the hash '#' cause it is used as an
'enter'. And I have NEVER seen an A, B, C, D keyed phone set.
But I would think it should be restricted to numeric. Thoughts?
Issue History
Date Modified Username Field Change
======================================================================
2011-02-18 14:49 nivek Note Added: 0132178
======================================================================
More information about the asterisk-bugs
mailing list