[asterisk-commits] tilghman: branch 1.4 r277568 - /branches/1.4/res/
SVN commits to the Asterisk project
asterisk-commits at lists.digium.com
Fri Jul 16 16:54:33 CDT 2010
Author: tilghman
Date: Fri Jul 16 16:54:29 2010
New Revision: 277568
URL: http://svnview.digium.com/svn/asterisk?view=rev&rev=277568
Log:
Since we split values at the semicolon, we should store values with a semicolon as an encoded value.
(closes issue #17369)
Reported by: gkservice
Patches:
20100625__issue17369.diff.txt uploaded by tilghman (license 14)
Tested by: tilghman
Modified:
branches/1.4/res/res_config_odbc.c
branches/1.4/res/res_config_pgsql.c
Modified: branches/1.4/res/res_config_odbc.c
URL: http://svnview.digium.com/svn/asterisk/branches/1.4/res/res_config_odbc.c?view=diff&rev=277568&r1=277567&r2=277568
==============================================================================
--- branches/1.4/res/res_config_odbc.c (original)
+++ branches/1.4/res/res_config_odbc.c Fri Jul 16 16:54:29 2010
@@ -1,7 +1,7 @@
/*
* Asterisk -- An open source telephony toolkit.
*
- * Copyright (C) 1999 - 2005, Digium, Inc.
+ * Copyright (C) 1999 - 2010, Digium, Inc.
*
* Mark Spencer <markster at digium.com>
*
@@ -53,18 +53,33 @@
#include "asterisk/options.h"
#include "asterisk/res_odbc.h"
#include "asterisk/utils.h"
+#include "asterisk/stringfields.h"
struct custom_prepare_struct {
const char *sql;
const char *extra;
+ AST_DECLARE_STRING_FIELDS(
+ AST_STRING_FIELD(encoding)[256];
+ );
va_list ap;
};
+
+static void decode_chunk(char *chunk)
+{
+ for (; *chunk; chunk++) {
+ if (*chunk == '^' && strchr("0123456789ABCDEFabcdef", chunk[1]) && strchr("0123456789ABCDEFabcdef", chunk[2])) {
+ sscanf(chunk + 1, "%02hhd", chunk);
+ memmove(chunk + 1, chunk + 3, strlen(chunk + 3) + 1);
+ }
+ }
+}
static SQLHSTMT custom_prepare(struct odbc_obj *obj, void *data)
{
int res, x = 1;
struct custom_prepare_struct *cps = data;
const char *newparam, *newval;
+ char encodebuf[1024];
SQLHSTMT stmt;
va_list ap;
@@ -85,6 +100,27 @@
while ((newparam = va_arg(ap, const char *))) {
newval = va_arg(ap, const char *);
+ if (strchr(newval, ';') || strchr(newval, '^')) {
+ char *eptr = encodebuf;
+ const char *vptr = newval;
+ for (; *vptr && eptr < encodebuf + sizeof(encodebuf); vptr++) {
+ if (strchr("^;", *vptr)) {
+ /* We use ^XX, instead of %XX because '%' is a special character in SQL */
+ snprintf(eptr, encodebuf + sizeof(encodebuf) - eptr, "^%02hhX", *vptr);
+ eptr += 3;
+ vptr++;
+ } else {
+ *eptr++ = *vptr++;
+ }
+ }
+ if (eptr < encodebuf + sizeof(encodebuf)) {
+ *eptr = '\0';
+ } else {
+ encodebuf[sizeof(encodebuf) - 1] = '\0';
+ }
+ ast_string_field_set(cps, encoding[x], encodebuf);
+ newval = cps->encoding[x];
+ }
SQLBindParameter(stmt, x++, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_CHAR, strlen(newval), 0, (void *)newval, 0, NULL);
}
va_end(ap);
@@ -118,22 +154,29 @@
va_list aq;
struct custom_prepare_struct cps = { .sql = sql };
+ if (ast_string_field_init(&cps, 256)) {
+ return NULL;
+ }
va_copy(cps.ap, ap);
va_copy(aq, ap);
- if (!table)
- return NULL;
+ if (!table) {
+ ast_string_field_free_memory(&cps);
+ return NULL;
+ }
obj = ast_odbc_request_obj(database, 0);
if (!obj) {
ast_log(LOG_ERROR, "No database handle available with the name of '%s' (check res_odbc.conf)\n", database);
+ ast_string_field_free_memory(&cps);
return NULL;
}
newparam = va_arg(aq, const char *);
if (!newparam) {
ast_odbc_release_obj(obj);
+ ast_string_field_free_memory(&cps);
return NULL;
}
newval = va_arg(aq, const char *);
@@ -152,6 +195,7 @@
if (!stmt) {
ast_odbc_release_obj(obj);
+ ast_string_field_free_memory(&cps);
return NULL;
}
@@ -160,6 +204,7 @@
ast_log(LOG_WARNING, "SQL Column Count error!\n[%s]\n\n", sql);
SQLFreeHandle (SQL_HANDLE_STMT, stmt);
ast_odbc_release_obj(obj);
+ ast_string_field_free_memory(&cps);
return NULL;
}
@@ -167,12 +212,14 @@
if (res == SQL_NO_DATA) {
SQLFreeHandle (SQL_HANDLE_STMT, stmt);
ast_odbc_release_obj(obj);
+ ast_string_field_free_memory(&cps);
return NULL;
}
if ((res != SQL_SUCCESS) && (res != SQL_SUCCESS_WITH_INFO)) {
ast_log(LOG_WARNING, "SQL Fetch error!\n[%s]\n\n", sql);
SQLFreeHandle (SQL_HANDLE_STMT, stmt);
ast_odbc_release_obj(obj);
+ ast_string_field_free_memory(&cps);
return NULL;
}
for (x = 0; x < colcount; x++) {
@@ -185,6 +232,7 @@
if (var)
ast_variables_destroy(var);
ast_odbc_release_obj(obj);
+ ast_string_field_free_memory(&cps);
return NULL;
}
@@ -201,15 +249,20 @@
return NULL;
}
stringp = rowdata;
- while(stringp) {
+ while (stringp) {
chunk = strsep(&stringp, ";");
if (!ast_strlen_zero(ast_strip(chunk))) {
+ if (strchr(chunk, '^')) {
+ decode_chunk(chunk);
+ }
if (prev) {
prev->next = ast_variable_new(coltitle, chunk);
- if (prev->next)
+ if (prev->next) {
prev = prev->next;
- } else
+ }
+ } else {
prev = var = ast_variable_new(coltitle, chunk);
+ }
}
}
}
@@ -217,6 +270,7 @@
SQLFreeHandle(SQL_HANDLE_STMT, stmt);
ast_odbc_release_obj(obj);
+ ast_string_field_free_memory(&cps);
return var;
}
@@ -248,20 +302,24 @@
struct custom_prepare_struct cps = { .sql = sql };
va_list aq;
+ if (!table || ast_string_field_init(&cps, 256)) {
+ return NULL;
+ }
va_copy(cps.ap, ap);
va_copy(aq, ap);
- if (!table)
- return NULL;
memset(&ra, 0, sizeof(ra));
obj = ast_odbc_request_obj(database, 0);
- if (!obj)
- return NULL;
+ if (!obj) {
+ ast_string_field_free_memory(&cps);
+ return NULL;
+ }
newparam = va_arg(aq, const char *);
if (!newparam) {
ast_odbc_release_obj(obj);
+ ast_string_field_free_memory(&cps);
return NULL;
}
initfield = ast_strdupa(newparam);
@@ -285,6 +343,7 @@
if (!stmt) {
ast_odbc_release_obj(obj);
+ ast_string_field_free_memory(&cps);
return NULL;
}
@@ -293,6 +352,7 @@
ast_log(LOG_WARNING, "SQL Column Count error!\n[%s]\n\n", sql);
SQLFreeHandle(SQL_HANDLE_STMT, stmt);
ast_odbc_release_obj(obj);
+ ast_string_field_free_memory(&cps);
return NULL;
}
@@ -301,6 +361,7 @@
ast_log(LOG_WARNING, "Out of memory!\n");
SQLFreeHandle(SQL_HANDLE_STMT, stmt);
ast_odbc_release_obj(obj);
+ ast_string_field_free_memory(&cps);
return NULL;
}
@@ -337,11 +398,15 @@
continue;
}
stringp = rowdata;
- while(stringp) {
+ while (stringp) {
chunk = strsep(&stringp, ";");
if (!ast_strlen_zero(ast_strip(chunk))) {
- if (initfield && !strcmp(initfield, coltitle))
+ if (strchr(chunk, '^')) {
+ decode_chunk(chunk);
+ }
+ if (initfield && !strcmp(initfield, coltitle)) {
ast_category_rename(cat, chunk);
+ }
var = ast_variable_new(coltitle, chunk);
ast_variable_append(cat, var);
}
@@ -352,6 +417,7 @@
SQLFreeHandle(SQL_HANDLE_STMT, stmt);
ast_odbc_release_obj(obj);
+ ast_string_field_free_memory(&cps);
return cfg;
}
@@ -366,19 +432,21 @@
va_list aq;
struct custom_prepare_struct cps = { .sql = sql, .extra = lookup };
+ if (!table || ast_string_field_init(&cps, 256)) {
+ return -1;
+ }
va_copy(cps.ap, ap);
va_copy(aq, ap);
-
- if (!table)
+
+ if (!(obj = ast_odbc_request_obj(database, 0))) {
+ ast_string_field_free_memory(&cps);
return -1;
-
- obj = ast_odbc_request_obj(database, 0);
- if (!obj)
- return -1;
+ }
newparam = va_arg(aq, const char *);
if (!newparam) {
ast_odbc_release_obj(obj);
+ ast_string_field_free_memory(&cps);
return -1;
}
newval = va_arg(aq, const char *);
@@ -394,20 +462,23 @@
if (!stmt) {
ast_odbc_release_obj(obj);
+ ast_string_field_free_memory(&cps);
return -1;
}
res = SQLRowCount(stmt, &rowcount);
SQLFreeHandle (SQL_HANDLE_STMT, stmt);
ast_odbc_release_obj(obj);
+ ast_string_field_free_memory(&cps);
if ((res != SQL_SUCCESS) && (res != SQL_SUCCESS_WITH_INFO)) {
ast_log(LOG_WARNING, "SQL Row Count error!\n[%s]\n\n", sql);
return -1;
}
- if (rowcount >= 0)
- return (int)rowcount;
+ if (rowcount >= 0) {
+ return (int) rowcount;
+ }
return -1;
}
Modified: branches/1.4/res/res_config_pgsql.c
URL: http://svnview.digium.com/svn/asterisk/branches/1.4/res/res_config_pgsql.c?view=diff&rev=277568&r1=277567&r2=277568
==============================================================================
--- branches/1.4/res/res_config_pgsql.c (original)
+++ branches/1.4/res/res_config_pgsql.c Fri Jul 16 16:54:29 2010
@@ -1,8 +1,8 @@
/*
* Asterisk -- A telephony toolkit for Linux.
*
- * Copyright (C) 1999-2005, Digium, Inc.
- *
+ * Copyright (C) 1999-2010, Digium, Inc.
+ *
* Manuel Guesdon <mguesdon at oxymium.net> - Postgresql RealTime Driver Author/Adaptor
* Mark Spencer <markster at digium.com> - Asterisk Author
* Matthew Boehm <mboehm at cytelcom.com> - MySQL RealTime Driver Author
@@ -76,11 +76,42 @@
cli_realtime_pgsql_status_usage },
};
+static char *encode_chunk(const char *chunk, char *buf, size_t len)
+{
+ char *cptr = buf;
+ for (; *chunk && cptr < buf + len; chunk++) {
+ if (strchr(";^", *chunk)) {
+ snprintf(cptr, buf + len - cptr, "^%02hhX", *chunk);
+ cptr += 3;
+ } else {
+ *cptr++ = *chunk;
+ }
+ }
+ if (cptr < buf + len) {
+ *cptr = '\0';
+ } else {
+ buf[len - 1] = '\0';
+ }
+ return buf;
+}
+
+static char *decode_chunk(char *chunk)
+{
+ char *orig = chunk;
+ for (; *chunk; chunk++) {
+ if (*chunk == '^' && strchr("0123456789ABCDEFabcdef", chunk[1]) && strchr("0123456789ABCDEFabcdef", chunk[2])) {
+ sscanf(chunk + 1, "%02hhd", chunk);
+ memmove(chunk + 1, chunk + 3, strlen(chunk + 3) + 1);
+ }
+ }
+ return orig;
+}
+
static struct ast_variable *realtime_pgsql(const char *database, const char *table, va_list ap)
{
PGresult *result = NULL;
int num_rows = 0, pgerror;
- char sql[256], escapebuf[513];
+ char sql[256], escapebuf[2049], semibuf[1024];
char *stringp;
char *chunk;
char *op;
@@ -109,7 +140,7 @@
If there is only 1 set, then we have our query. Otherwise, loop thru the list and concat */
op = strchr(newparam, ' ') ? "" : " =";
- PQescapeStringConn(pgsqlConn, escapebuf, newval, (sizeof(escapebuf) - 1) / 2, &pgerror);
+ PQescapeStringConn(pgsqlConn, escapebuf, encode_chunk(newval, semibuf, sizeof(semibuf)), (sizeof(escapebuf) - 1) / 2, &pgerror);
if (pgerror) {
ast_log(LOG_ERROR, "Postgres detected invalid input: '%s'\n", newval);
va_end(ap);
@@ -125,7 +156,7 @@
else
op = "";
- PQescapeStringConn(pgsqlConn, escapebuf, newval, (sizeof(escapebuf) - 1) / 2, &pgerror);
+ PQescapeStringConn(pgsqlConn, escapebuf, encode_chunk(newval, semibuf, sizeof(semibuf)), (sizeof(escapebuf) - 1) / 2, &pgerror);
if (pgerror) {
ast_log(LOG_ERROR, "Postgres detected invalid input: '%s'\n", newval);
va_end(ap);
@@ -167,7 +198,7 @@
}
}
- ast_log(LOG_DEBUG, "1Postgresql RealTime: Result=%p Query: %s\n", result, sql);
+ ast_log(LOG_DEBUG, "Postgresql RealTime: Result=%p Query: %s\n", result, sql);
if ((num_rows = PQntuples(result)) > 0) {
int i = 0;
@@ -189,7 +220,7 @@
stringp = PQgetvalue(result, rowIndex, i);
while (stringp) {
chunk = strsep(&stringp, ";");
- if (chunk && !ast_strlen_zero(ast_strip(chunk))) {
+ if (chunk && !ast_strlen_zero(decode_chunk(ast_strip(chunk)))) {
if (prev) {
prev->next = ast_variable_new(fieldnames[i], chunk);
if (prev->next) {
@@ -217,7 +248,7 @@
{
PGresult *result = NULL;
int num_rows = 0, pgerror;
- char sql[256], escapebuf[513];
+ char sql[256], escapebuf[2049], semibuf[1024];
const char *initfield = NULL;
char *stringp;
char *chunk;
@@ -264,7 +295,7 @@
else
op = "";
- PQescapeStringConn(pgsqlConn, escapebuf, newval, (sizeof(escapebuf) - 1) / 2, &pgerror);
+ PQescapeStringConn(pgsqlConn, escapebuf, encode_chunk(newval, semibuf, sizeof(semibuf)), (sizeof(escapebuf) - 1) / 2, &pgerror);
if (pgerror) {
ast_log(LOG_ERROR, "Postgres detected invalid input: '%s'\n", newval);
va_end(ap);
@@ -280,7 +311,7 @@
else
op = "";
- PQescapeStringConn(pgsqlConn, escapebuf, newval, (sizeof(escapebuf) - 1) / 2, &pgerror);
+ PQescapeStringConn(pgsqlConn, escapebuf, encode_chunk(newval, semibuf, sizeof(semibuf)), (sizeof(escapebuf) - 1) / 2, &pgerror);
if (pgerror) {
ast_log(LOG_ERROR, "Postgres detected invalid input: '%s'\n", newval);
va_end(ap);
@@ -353,7 +384,7 @@
stringp = PQgetvalue(result, rowIndex, i);
while (stringp) {
chunk = strsep(&stringp, ";");
- if (chunk && !ast_strlen_zero(ast_strip(chunk))) {
+ if (chunk && !ast_strlen_zero(decode_chunk(ast_strip(chunk)))) {
if (initfield && !strcmp(initfield, fieldnames[i])) {
ast_category_rename(cat, chunk);
}
@@ -381,7 +412,7 @@
{
PGresult *result = NULL;
int numrows = 0, pgerror;
- char sql[256], escapebuf[513];
+ char sql[256], escapebuf[2049], semibuf[1024];
const char *newparam, *newval;
if (!table) {
@@ -405,7 +436,7 @@
/* Create the first part of the query using the first parameter/value pairs we just extracted
If there is only 1 set, then we have our query. Otherwise, loop thru the list and concat */
- PQescapeStringConn(pgsqlConn, escapebuf, newval, (sizeof(escapebuf) - 1) / 2, &pgerror);
+ PQescapeStringConn(pgsqlConn, escapebuf, encode_chunk(newval, semibuf, sizeof(semibuf)), (sizeof(escapebuf) - 1) / 2, &pgerror);
if (pgerror) {
ast_log(LOG_ERROR, "Postgres detected invalid input: '%s'\n", newval);
va_end(ap);
@@ -416,7 +447,7 @@
while ((newparam = va_arg(ap, const char *))) {
newval = va_arg(ap, const char *);
- PQescapeStringConn(pgsqlConn, escapebuf, newval, (sizeof(escapebuf) - 1) / 2, &pgerror);
+ PQescapeStringConn(pgsqlConn, escapebuf, encode_chunk(newval, semibuf, sizeof(semibuf)), (sizeof(escapebuf) - 1) / 2, &pgerror);
if (pgerror) {
ast_log(LOG_ERROR, "Postgres detected invalid input: '%s'\n", newval);
va_end(ap);
More information about the asterisk-commits
mailing list