[Asterisk-code-review] pbx.c: Allow dangerous functions when adding a hint to dialp... (asterisk[13])

Anonymous Coward asteriskteam at digium.com
Fri Jul 29 06:27:20 CDT 2016


Anonymous Coward #1000019 has submitted this change and it was merged.

Change subject: pbx.c: Allow dangerous functions when adding a hint to dialplan.
......................................................................


pbx.c: Allow dangerous functions when adding a hint to dialplan.

We can allow dangerous functions when adding a hint since altering
dialplan is itself a privileged activity.  Otherwise, we could never
execute dangerous functions.

ASTERISK-25996 #close
Reported by: Andrew Nagy

Change-Id: I4929ff100ad1200a0198262d069a34f2296e77ba
---
M include/asterisk/pbx.h
M main/pbx.c
M main/pbx_functions.c
3 files changed, 41 insertions(+), 2 deletions(-)

Approvals:
  Anonymous Coward #1000019: Verified
  Joshua Colp: Looks good to me, approved
  Corey Farrell: Looks good to me, but someone else must approve



diff --git a/include/asterisk/pbx.h b/include/asterisk/pbx.h
index d722e12..1fc8df8 100644
--- a/include/asterisk/pbx.h
+++ b/include/asterisk/pbx.h
@@ -1598,6 +1598,18 @@
  */
 int ast_thread_inhibit_escalations(void);
 
+/*!
+ * \brief Swap the current thread escalation inhibit setting.
+ * \since 11.24.0
+ *
+ * \param inhibit New setting.  Non-zero to inhibit.
+ *
+ * \retval 1 if dangerous function execution was inhibited.
+ * \retval 0 if dangerous function execution was allowed.
+ * \retval -1 on error.
+ */
+int ast_thread_inhibit_escalations_swap(int inhibit);
+
 #if defined(__cplusplus) || defined(c_plusplus)
 }
 #endif
diff --git a/main/pbx.c b/main/pbx.c
index 5bafee3..822336d 100644
--- a/main/pbx.c
+++ b/main/pbx.c
@@ -7095,13 +7095,25 @@
 
 	/* If we are adding a hint evalulate in variables and global variables */
 	if (priority == PRIORITY_HINT && strstr(application, "${") && extension[0] != '_') {
+		int inhibited;
 		struct ast_channel *c = ast_dummy_channel_alloc();
 
 		if (c) {
 			ast_channel_exten_set(c, extension);
 			ast_channel_context_set(c, con->name);
 		}
+
+		/*
+		 * We can allow dangerous functions when adding a hint since
+		 * altering dialplan is itself a privileged activity.  Otherwise,
+		 * we could never execute dangerous functions.
+		 */
+		inhibited = ast_thread_inhibit_escalations_swap(0);
 		pbx_substitute_variables_helper(c, application, expand_buf, sizeof(expand_buf));
+		if (0 < inhibited) {
+			ast_thread_inhibit_escalations();
+		}
+
 		application = expand_buf;
 		if (c) {
 			ast_channel_unref(c);
diff --git a/main/pbx_functions.c b/main/pbx_functions.c
index bc738b0..558be46 100644
--- a/main/pbx_functions.c
+++ b/main/pbx_functions.c
@@ -482,7 +482,6 @@
 
 	thread_inhibit_escalations = ast_threadstorage_get(
 		&thread_inhibit_escalations_tl, sizeof(*thread_inhibit_escalations));
-
 	if (thread_inhibit_escalations == NULL) {
 		ast_log(LOG_ERROR, "Error inhibiting privilege escalations for current thread\n");
 		return -1;
@@ -490,6 +489,23 @@
 
 	*thread_inhibit_escalations = 1;
 	return 0;
+}
+
+int ast_thread_inhibit_escalations_swap(int inhibit)
+{
+	int *thread_inhibit_escalations;
+	int orig;
+
+	thread_inhibit_escalations = ast_threadstorage_get(
+		&thread_inhibit_escalations_tl, sizeof(*thread_inhibit_escalations));
+	if (thread_inhibit_escalations == NULL) {
+		ast_log(LOG_ERROR, "Error swapping privilege escalations inhibit for current thread\n");
+		return -1;
+	}
+
+	orig = *thread_inhibit_escalations;
+	*thread_inhibit_escalations = !!inhibit;
+	return orig;
 }
 
 /*!
@@ -505,7 +521,6 @@
 
 	thread_inhibit_escalations = ast_threadstorage_get(
 		&thread_inhibit_escalations_tl, sizeof(*thread_inhibit_escalations));
-
 	if (thread_inhibit_escalations == NULL) {
 		ast_log(LOG_ERROR, "Error checking thread's ability to run dangerous functions\n");
 		/* On error, assume that we are inhibiting */

-- 
To view, visit https://gerrit.asterisk.org/3369
To unsubscribe, visit https://gerrit.asterisk.org/settings

Gerrit-MessageType: merged
Gerrit-Change-Id: I4929ff100ad1200a0198262d069a34f2296e77ba
Gerrit-PatchSet: 1
Gerrit-Project: asterisk
Gerrit-Branch: 13
Gerrit-Owner: Richard Mudgett <rmudgett at digium.com>
Gerrit-Reviewer: Anonymous Coward #1000019
Gerrit-Reviewer: Corey Farrell <git at cfware.com>
Gerrit-Reviewer: Joshua Colp <jcolp at digium.com>



More information about the asterisk-code-review mailing list