[asterisk-bugs] [JIRA] (ASTERISK-29911) app_userevent: Open parentheses or bracket in body breaks UserEvent app
Niksa Baldun (JIRA)
noreply at issues.asterisk.org
Thu Feb 10 01:12:06 CST 2022
[ https://issues.asterisk.org/jira/browse/ASTERISK-29911?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Niksa Baldun updated ASTERISK-29911:
------------------------------------
Description:
I send an UserEvent from dialplan, which has a dialed number in the body. One user accidentally tried to dial a "number" which contained an unclosed parentheses, and everything fell apart. For example:
{code}
UserEvent(someevent,num:"123(45",name:"some name")
{code}
Instead of expected lines:
{code}
num: 123(45
name: some name
{code}
AMI event contains just one line:
{code}
num: 123(45,name=some name
{code}
It seems the problem is that UserEvent implementation uses AST_STANDARD_APP_ARGS function for parsing, but the body contains arbitrary key-value pairs, not standard args.
was:
I send an UserEvent from dialplan, which has a dialed number in the body. One user accidentally tried to dial a "number" which contained an unclosed parentheses, and everything fell apart. For example:
UserEvent(someevent,num="123(45",name="some name")
Instead of expected lines:
{code}
num: 123(45
name: some name
{code}
AMI event contains just one line:
{code}
num: 123(45,name=some name
{code}
It seems the problem is that UserEvent implementation uses AST_STANDARD_APP_ARGS function for parsing, but the body contains arbitrary key-value pairs, not standard args.
> app_userevent: Open parentheses or bracket in body breaks UserEvent app
> -----------------------------------------------------------------------
>
> Key: ASTERISK-29911
> URL: https://issues.asterisk.org/jira/browse/ASTERISK-29911
> Project: Asterisk
> Issue Type: Bug
> Security Level: None
> Components: Applications/app_userevent
> Affects Versions: 18.9.0
> Environment: Debian 11
> Reporter: Niksa Baldun
>
> I send an UserEvent from dialplan, which has a dialed number in the body. One user accidentally tried to dial a "number" which contained an unclosed parentheses, and everything fell apart. For example:
> {code}
> UserEvent(someevent,num:"123(45",name:"some name")
> {code}
> Instead of expected lines:
> {code}
> num: 123(45
> name: some name
> {code}
> AMI event contains just one line:
> {code}
> num: 123(45,name=some name
> {code}
> It seems the problem is that UserEvent implementation uses AST_STANDARD_APP_ARGS function for parsing, but the body contains arbitrary key-value pairs, not standard args.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
More information about the asterisk-bugs
mailing list