[asterisk-commits] tilghman: trunk r91561 - in /trunk: ./ cdr/cdr_pgsql.c

SVN commits to the Asterisk project asterisk-commits at lists.digium.com
Thu Dec 6 14:52:27 CST 2007 

Author: tilghman
Date: Thu Dec  6 14:52:26 2007
New Revision: 91561

URL: http://svn.digium.com/view/asterisk?view=rev&rev=91561
Log:
Merged revisions 90166,90736,90753 via svnmerge from 
https://origsvn.digium.com/svn/asterisk/branches/1.4

........
r90166 | tilghman | 2007-11-29 13:48:10 -0600 (Thu, 29 Nov 2007) | 3 lines

Properly escape cdr->src and cdr->dst and ensure we use thread-safe escaping
(Fixes AST-2007-026)

........
r90736 | tilghman | 2007-12-03 17:23:55 -0600 (Mon, 03 Dec 2007) | 5 lines

If both dbhost and dbsock were not set, a NULL deref could result
Reported by: xrg
Patch by: tilghman
(Closes issue #11387)

........
r90753 | tilghman | 2007-12-03 17:50:51 -0600 (Mon, 03 Dec 2007) | 5 lines

Solaris requires the inclusion of sys/loadavg.h for getloadavg().
Reported by: snuffy
Patch by: snuffy,tilghman
(Closes issue #11430)

........

Modified:
    trunk/   (props changed)
    trunk/cdr/cdr_pgsql.c

Propchange: trunk/
------------------------------------------------------------------------------
Binary property 'branch-1.4-merged' - no diff available.

Modified: trunk/cdr/cdr_pgsql.c
URL: http://svn.digium.com/view/asterisk/trunk/cdr/cdr_pgsql.c?view=diff&rev=91561&r1=91560&r2=91561
==============================================================================
--- trunk/cdr/cdr_pgsql.c (original)
+++ trunk/cdr/cdr_pgsql.c Thu Dec  6 14:52:26 2007
@@ -88,28 +88,33 @@
 
 	if (connected) {
 		char *clid=NULL, *dcontext=NULL, *channel=NULL, *dstchannel=NULL, *lastapp=NULL, *lastdata=NULL;
-		char *uniqueid=NULL, *userfield=NULL;
+		char *src=NULL, *dst=NULL, *uniqueid=NULL, *userfield=NULL;
+		int pgerr;
 
 		/* Maximum space needed would be if all characters needed to be escaped, plus a trailing NULL */
 		if ((clid = alloca(strlen(cdr->clid) * 2 + 1)) != NULL)
-			PQescapeString(clid, cdr->clid, strlen(cdr->clid));
+			PQescapeStringConn(conn, clid, cdr->clid, strlen(cdr->clid), &pgerr);
 		if ((dcontext = alloca(strlen(cdr->dcontext) * 2 + 1)) != NULL)
-			PQescapeString(dcontext, cdr->dcontext, strlen(cdr->dcontext));
+			PQescapeStringConn(conn, dcontext, cdr->dcontext, strlen(cdr->dcontext), &pgerr);
 		if ((channel = alloca(strlen(cdr->channel) * 2 + 1)) != NULL)
-			PQescapeString(channel, cdr->channel, strlen(cdr->channel));
+			PQescapeStringConn(conn, channel, cdr->channel, strlen(cdr->channel), &pgerr);
 		if ((dstchannel = alloca(strlen(cdr->dstchannel) * 2 + 1)) != NULL)
-			PQescapeString(dstchannel, cdr->dstchannel, strlen(cdr->dstchannel));
+			PQescapeStringConn(conn, dstchannel, cdr->dstchannel, strlen(cdr->dstchannel), &pgerr);
 		if ((lastapp = alloca(strlen(cdr->lastapp) * 2 + 1)) != NULL)
-			PQescapeString(lastapp, cdr->lastapp, strlen(cdr->lastapp));
+			PQescapeStringConn(conn, lastapp, cdr->lastapp, strlen(cdr->lastapp), &pgerr);
 		if ((lastdata = alloca(strlen(cdr->lastdata) * 2 + 1)) != NULL)
-			PQescapeString(lastdata, cdr->lastdata, strlen(cdr->lastdata));
+			PQescapeStringConn(conn, lastdata, cdr->lastdata, strlen(cdr->lastdata), &pgerr);
 		if ((uniqueid = alloca(strlen(cdr->uniqueid) * 2 + 1)) != NULL)
-			PQescapeString(uniqueid, cdr->uniqueid, strlen(cdr->uniqueid));
+			PQescapeStringConn(conn, uniqueid, cdr->uniqueid, strlen(cdr->uniqueid), &pgerr);
 		if ((userfield = alloca(strlen(cdr->userfield) * 2 + 1)) != NULL)
-			PQescapeString(userfield, cdr->userfield, strlen(cdr->userfield));
+			PQescapeStringConn(conn, userfield, cdr->userfield, strlen(cdr->userfield), &pgerr);
+		if ((src = alloca(strlen(cdr->src) * 2 + 1)) != NULL)
+			PQescapeStringConn(conn, src, cdr->src, strlen(cdr->src), &pgerr);
+		if ((dst = alloca(strlen(cdr->dst) * 2 + 1)) != NULL)
+			PQescapeStringConn(conn, dst, cdr->dst, strlen(cdr->dst), &pgerr);
 
 		/* Check for all alloca failures above at once */
-		if ((!clid) || (!dcontext) || (!channel) || (!dstchannel) || (!lastapp) || (!lastdata) || (!uniqueid) || (!userfield)) {
+		if ((!clid) || (!dcontext) || (!channel) || (!dstchannel) || (!lastapp) || (!lastdata) || (!uniqueid) || (!userfield) || (!src) || (!dst)) {
 			ast_log(LOG_ERROR, "cdr_pgsql:  Out of memory error (insert fails)\n");
 			ast_mutex_unlock(&pgsql_lock);
 			return -1;
@@ -120,7 +125,7 @@
 		snprintf(sqlcmd,sizeof(sqlcmd),"INSERT INTO %s (calldate,clid,src,dst,dcontext,channel,dstchannel,"
 				 "lastapp,lastdata,duration,billsec,disposition,amaflags,accountcode,uniqueid,userfield) VALUES"
 				 " ('%s','%s','%s','%s','%s', '%s','%s','%s','%s',%ld,%ld,'%s',%ld,'%s','%s','%s')",
-				 table,timestr,clid,cdr->src, cdr->dst, dcontext,channel, dstchannel, lastapp, lastdata,
+				 table, timestr, clid, src, dst, dcontext, channel, dstchannel, lastapp, lastdata,
 				 cdr->duration,cdr->billsec,ast_cdr_disp2str(cdr->disposition),cdr->amaflags, cdr->accountcode, uniqueid, userfield);
 		
 		ast_debug(3, "cdr_pgsql: SQL command executed:  %s\n",sqlcmd);

More information about the asterisk-commits mailing list