[asterisk-commits] lmadsen: tag 1.8.2.2 r303104 - in /tags/1.8.2.2: ./ main/

[SVN commits to the Asterisk project]

Author: lmadsen
Date: Thu Jan 20 13:47:11 2011
New Revision: 303104

URL: http://svnview.digium.com/svn/asterisk?view=rev&rev=303104
Log:
Merge changes and update .version and ChangeLog files.

Removed:
    tags/1.8.2.2/asterisk-1.8.2.1-summary.html
    tags/1.8.2.2/asterisk-1.8.2.1-summary.txt
Modified:
    tags/1.8.2.2/.version
    tags/1.8.2.2/ChangeLog
    tags/1.8.2.2/main/utils.c

Modified: tags/1.8.2.2/.version
URL: http://svnview.digium.com/svn/asterisk/tags/1.8.2.2/.version?view=diff&rev=303104&r1=303103&r2=303104
==============================================================================
--- tags/1.8.2.2/.version (original)
+++ tags/1.8.2.2/.version Thu Jan 20 13:47:11 2011
@@ -1,1 +1,1 @@
-1.8.2.1
+1.8.2.2

Modified: tags/1.8.2.2/ChangeLog
URL: http://svnview.digium.com/svn/asterisk/tags/1.8.2.2/ChangeLog?view=diff&rev=303104&r1=303103&r2=303104
==============================================================================
--- tags/1.8.2.2/ChangeLog (original)
+++ tags/1.8.2.2/ChangeLog Thu Jan 20 13:47:11 2011
@@ -1,3 +1,11 @@
+2011-01-20  Leif Madsen <lmadsen at digium.com>
+
+	* Asterisk 1.8.2.2 Released.
+
+	* An improper merge of the changes for AST-2011-011 caused the changes
+	  to not be applied to the 1.8.2.1 tag. The 1.8.2.2 tag contains the
+	  security changes related to AST-2011-001.
+
 2011-01-17  Leif Madsen <lmadsen at digium.com>
 
 	* Asterisk 1.8.2.1 Released.

Modified: tags/1.8.2.2/main/utils.c
URL: http://svnview.digium.com/svn/asterisk/tags/1.8.2.2/main/utils.c?view=diff&rev=303104&r1=303103&r2=303104
==============================================================================
--- tags/1.8.2.2/main/utils.c (original)
+++ tags/1.8.2.2/main/utils.c Thu Jan 20 13:47:11 2011
@@ -383,33 +383,32 @@
 char *ast_uri_encode(const char *string, char *outbuf, int buflen, int do_special_char)
 {
 	const char *ptr  = string;	/* Start with the string */
-	char *out = NULL;
-	char *buf = NULL;
+	char *out = outbuf;
 	const char *mark = "-_.!~*'()"; /* no encode set, RFC 2396 section 2.3, RFC 3261 sec 25 */
-	ast_copy_string(outbuf, string, buflen);
-
-	while (*ptr) {
+
+	while (*ptr && out - outbuf < buflen - 1) {
 		if ((const signed char) *ptr < 32 || *ptr == 0x7f || *ptr == '%' ||
 				(do_special_char &&
 				!(*ptr >= '0' && *ptr <= '9') &&      /* num */
 				!(*ptr >= 'A' && *ptr <= 'Z') &&      /* ALPHA */
 				!(*ptr >= 'a' && *ptr <= 'z') &&      /* alpha */
 				!strchr(mark, *ptr))) {               /* mark set */
-
-			/* Oops, we need to start working here */
-			if (!buf) {
-				buf = outbuf;
-				out = buf + (ptr - string) ;	/* Set output ptr */
+			if (out - outbuf >= buflen - 3) {
+				break;
 			}
+
 			out += sprintf(out, "%%%02X", (unsigned char) *ptr);
-		} else if (buf) {
+		} else {
 			*out = *ptr;	/* Continue copying the string */
 			out++;
 		}
 		ptr++;
 	}
-	if (buf)
+
+	if (buflen) {
 		*out = '\0';
+	}
+
 	return outbuf;
 }