[asterisk-commits] tilghman: branch 1.6.2 r316093 - /branches/1.6.2/funcs/func_curl.c
SVN commits to the Asterisk project
asterisk-commits at lists.digium.com
Mon May 2 14:04:48 CDT 2011
Author: tilghman
Date: Mon May 2 14:04:36 2011
New Revision: 316093
URL: http://svnview.digium.com/svn/asterisk?view=rev&rev=316093
Log:
More possible crashes based upon invalid inputs.
(closes issue #18161)
Reported by: wdoekes
Patches:
20110301__issue18161.diff.txt uploaded by tilghman (license 14)
Tested by: wdoekes
Modified:
branches/1.6.2/funcs/func_curl.c
Modified: branches/1.6.2/funcs/func_curl.c
URL: http://svnview.digium.com/svn/asterisk/branches/1.6.2/funcs/func_curl.c?view=diff&rev=316093&r1=316092&r2=316093
==============================================================================
--- branches/1.6.2/funcs/func_curl.c (original)
+++ branches/1.6.2/funcs/func_curl.c Mon May 2 14:04:36 2011
@@ -409,7 +409,11 @@
AST_LIST_HEAD(global_curl_info, curl_settings) *list = NULL;
*buf = '\0';
-
+
+ if (!str) {
+ return -1;
+ }
+
if (ast_strlen_zero(info)) {
ast_log(LOG_WARNING, "CURL requires an argument (URL)\n");
ast_free(str);
@@ -479,13 +483,12 @@
int rowcount = 0;
while (fields && values && (piece = strsep(&remainder, "&"))) {
char *name = strsep(&piece, "=");
- if (!piece) {
- piece = "";
+ if (piece) {
+ ast_uri_decode(piece);
}
- ast_uri_decode(piece);
ast_uri_decode(name);
ast_str_append(&fields, 0, "%s%s", rowcount ? "," : "", name);
- ast_str_append(&values, 0, "%s%s", rowcount ? "," : "", piece);
+ ast_str_append(&values, 0, "%s%s", rowcount ? "," : "", S_OR(piece, ""));
rowcount++;
}
pbx_builtin_setvar_helper(chan, "~ODBCFIELDS~", ast_str_buffer(fields));
More information about the asterisk-commits
mailing list