[asterisk-commits] tilghman: branch 1.6.2 r316093 - /branches/1.6.2/funcs/func_curl.c

SVN commits to the Asterisk project asterisk-commits at lists.digium.com
Mon May 2 14:04:48 CDT 2011


Author: tilghman
Date: Mon May  2 14:04:36 2011
New Revision: 316093

URL: http://svnview.digium.com/svn/asterisk?view=rev&rev=316093
Log:
More possible crashes based upon invalid inputs.

(closes issue #18161)
 Reported by: wdoekes
 Patches: 
       20110301__issue18161.diff.txt uploaded by tilghman (license 14)
 Tested by: wdoekes

Modified:
    branches/1.6.2/funcs/func_curl.c

Modified: branches/1.6.2/funcs/func_curl.c
URL: http://svnview.digium.com/svn/asterisk/branches/1.6.2/funcs/func_curl.c?view=diff&rev=316093&r1=316092&r2=316093
==============================================================================
--- branches/1.6.2/funcs/func_curl.c (original)
+++ branches/1.6.2/funcs/func_curl.c Mon May  2 14:04:36 2011
@@ -409,7 +409,11 @@
 	AST_LIST_HEAD(global_curl_info, curl_settings) *list = NULL;
 
 	*buf = '\0';
-	
+
+	if (!str) {
+		return -1;
+	}
+
 	if (ast_strlen_zero(info)) {
 		ast_log(LOG_WARNING, "CURL requires an argument (URL)\n");
 		ast_free(str);
@@ -479,13 +483,12 @@
 			int rowcount = 0;
 			while (fields && values && (piece = strsep(&remainder, "&"))) {
 				char *name = strsep(&piece, "=");
-				if (!piece) {
-					piece = "";
+				if (piece) {
+					ast_uri_decode(piece);
 				}
-				ast_uri_decode(piece);
 				ast_uri_decode(name);
 				ast_str_append(&fields, 0, "%s%s", rowcount ? "," : "", name);
-				ast_str_append(&values, 0, "%s%s", rowcount ? "," : "", piece);
+				ast_str_append(&values, 0, "%s%s", rowcount ? "," : "", S_OR(piece, ""));
 				rowcount++;
 			}
 			pbx_builtin_setvar_helper(chan, "~ODBCFIELDS~", ast_str_buffer(fields));




More information about the asterisk-commits mailing list