[Asterisk-code-review] AMI: Escape string values. (asterisk[13])
Mark Michelson
asteriskteam at digium.com
Wed Jun 3 09:58:32 CDT 2015
Mark Michelson has posted comments on this change.
Change subject: AMI: Escape string values.
......................................................................
Patch Set 2:
(1 comment)
https://gerrit.asterisk.org/#/c/560/2/main/utils.c
File main/utils.c:
Line 1652: for (p = dest; *s && num--; ++s, ++p) {
: /* If in the list of characters to escape then escape it */
: if (strchr(to_escape, *s)) {
I gave this a bit more thought, and unfortunately strchr as it exists is going to be a bad fit here due to potential embedded '\0' characters in s.
Let's say s is "foo\0bar" (implicit \0 at the end of the string, of course)
If you run this algorithm, you'll end up not escaping the \0 in the middle.
--
To view, visit https://gerrit.asterisk.org/560
To unsubscribe, visit https://gerrit.asterisk.org/settings
Gerrit-MessageType: comment
Gerrit-Change-Id: Ib55a5b84fe0481b0f2caaaab68c566f392c0aac0
Gerrit-PatchSet: 2
Gerrit-Project: asterisk
Gerrit-Branch: 13
Gerrit-Owner: Kevin Harwell <kharwell at digium.com>
Gerrit-Reviewer: Kevin Harwell <kharwell at digium.com>
Gerrit-Reviewer: Mark Michelson <mmichelson at digium.com>
Gerrit-HasComments: Yes
More information about the asterisk-code-review
mailing list