[asterisk-bugs] [JIRA] (ASTERISK-29239) Using a = in a parameter for func_conf ODBC command skips it from running

Leandro Dardini (JIRA) noreply at issues.asterisk.org
Sun Jan 10 05:25:16 CST 2021 

    [ https://issues.asterisk.org/jira/browse/ASTERISK-29239?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=253333#comment-253333 ] 

Leandro Dardini commented on ASTERISK-29239:
--------------------------------------------

Ok, found the issue and attached a possible fix. The problem was in main/pbx_variables.c where there was no parsing of the Set command, but just a brute "strsep" looking for the first "=". I have replaced that command with a more complex scan based on the code I have found in other parts of the Asterisk source code. I am not really good at writing C, but I can read it and appreciate the really well-written code. File .diff in attach for the brave, here it is for the inpatients 

{noformat}
--- /usr/local/src/asterisk-16.15.1/main/pbx_variables.orig	2021-01-10 12:02:51.220040938 +0100
+++ /usr/local/src/asterisk-16.15.1/main/pbx_variables.c	2021-01-10 12:18:51.309314729 +0100
@@ -1126,7 +1126,8 @@
 
 int pbx_builtin_setvar(struct ast_channel *chan, const char *data)
 {
-	char *name, *value, *mydata;
+	char *name, *value, *mydata, *scan;
+	int paren = 0, quote = 0, bracket = 0;
 
 	if (ast_strlen_zero(data)) {
 		ast_log(LOG_WARNING, "Set requires one variable name/value pair.\n");
@@ -1134,8 +1135,36 @@
 	}
 
 	mydata = ast_strdupa(data);
-	name = strsep(&mydata, "=");
-	value = mydata;
+
+	scan=mydata;
+	name=NULL;
+	value=NULL;
+        
+	for (; *scan; scan++) {
+          if (*scan == '(') {
+            paren++;
+          } else if (*scan == ')') {
+            if (paren) {
+              paren--;
+            }
+          } else if (*scan == '[') {
+            bracket++;
+          } else if (*scan == ']') {
+            if (bracket) {
+              bracket--;
+            }
+          } else if (*scan == '"') {
+            quote = quote ? 0 : 1;
+          } else if (*scan == '\\') {
+            scan++;
+          } else if ((*scan == '=') && !paren && !quote && !bracket) {
+            *scan++ = '\0';
+            value=scan;
+            name=mydata;
+            break;
+          }
+        }
+
 	if (!value) {
 		ast_log(LOG_WARNING, "Set requires an '=' to be a valid assignment.\n");
 		return 0;

{noformat}


> Using a = in a parameter for func_conf ODBC command skips it from running
> -------------------------------------------------------------------------
>
>                 Key: ASTERISK-29239
>                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-29239
>             Project: Asterisk
>          Issue Type: Bug
>      Security Level: None
>          Components: Functions/func_odbc
>    Affects Versions: 16.15.0
>         Environment: CentOS 6.x, MySQL 5.7, Asterisk 16.15.0
>            Reporter: Leandro Dardini
>            Assignee: Unassigned
>            Severity: Minor
>         Attachments: full.14
>
>
> If I have a func_odbc function writing in a table and one of the parameters contains a = sign, the command is not executed and no error is reported.
> Let's take a very simple func_odbc entry like:
> {noformat}
> [QUERY_BUG]
> dsn=asteriskcdrdb1,asteriskcdrdb2
> synopsis=Test a query bug
> writesql=insert into cdr(clid,src,dst) values ('${ARG1}','${ARG2}','${VAL1}')
> {noformat}
> And its AEL dialplan usage:
> {noformat}
>         9999 => {
>              Set(ODBC_QUERY_BUG("one","twoequalthree")="four");
>              Set(ODBC_QUERY_BUG("one","two=three")="four");
>              Hangup();
>         }
> {noformat}
> Only the first ODBC_QUERY_BUG command is executed while the second is skipped without any error reported.
> This is the relevant DEBUG. Full DEBUG in attach
> {noformat}
> [2021-01-10 00:50:36] DEBUG[13330][C-00001320] pbx.c: Launching 'Set'
> [2021-01-10 00:50:36] VERBOSE[13330][C-00001320] pbx.c: Executing [9999 at authenticated:1] Set("PJSIP/108-DEVEL-00000017", "ODBC_QUERY_BUG("one","twoequalthree")="four"") in new stack
> [2021-01-10 00:50:36] DEBUG[13330][C-00001320] pbx_variables.c: Evaluating 'ARG1' (from 'ARG1}','${ARG2}','${VAL1}')' len 4)
> [2021-01-10 00:50:36] DEBUG[13330][C-00001320] pbx_variables.c: Result of 'ARG1' is 'one'
> [2021-01-10 00:50:36] DEBUG[13330][C-00001320] pbx_variables.c: Evaluating 'ARG2' (from 'ARG2}','${VAL1}')' len 4)
> [2021-01-10 00:50:36] DEBUG[13330][C-00001320] pbx_variables.c: Result of 'ARG2' is 'twoequalthree'
> [2021-01-10 00:50:36] DEBUG[13330][C-00001320] pbx_variables.c: Evaluating 'VAL1' (from 'VAL1}')' len 4)
> [2021-01-10 00:50:36] DEBUG[13330][C-00001320] pbx_variables.c: Result of 'VAL1' is 'four'
> [2021-01-10 00:50:37] DEBUG[13330][C-00001320] pbx.c: Launching 'Set'
> [2021-01-10 00:50:37] VERBOSE[13330][C-00001320] pbx.c: Executing [9999 at authenticated:2] Set("PJSIP/108-DEVEL-00000017", "ODBC_QUERY_BUG("one","two=three")="four"") in new stack
> [2021-01-10 00:50:37] DEBUG[13330][C-00001320] pbx.c: Launching 'Hangup'
> [2021-01-10 00:50:37] VERBOSE[13330][C-00001320] pbx.c: Executing [9999 at authenticated:3] Hangup("PJSIP/108-DEVEL-00000017", "") in new stack
> {noformat}



--
This message was sent by Atlassian JIRA
(v6.2#6252)

More information about the asterisk-bugs mailing list