[asterisk-commits] bebuild: tag 10.4.0-rc2 r363332 - in /tags/10.4.0-rc2: ./ channels/ main/

SVN commits to the Asterisk project asterisk-commits at lists.digium.com
Tue Apr 24 11:13:10 CDT 2012


Author: bebuild
Date: Tue Apr 24 11:13:07 2012
New Revision: 363332

URL: http://svnview.digium.com/svn/asterisk?view=rev&rev=363332
Log:
Merge r363103-363104, r363107, r363156 for -rc2

Removed:
    tags/10.4.0-rc2/asterisk-10.4.0-rc1-summary.html
    tags/10.4.0-rc2/asterisk-10.4.0-rc1-summary.txt
Modified:
    tags/10.4.0-rc2/   (props changed)
    tags/10.4.0-rc2/.version
    tags/10.4.0-rc2/ChangeLog
    tags/10.4.0-rc2/channels/chan_sip.c
    tags/10.4.0-rc2/channels/chan_skinny.c
    tags/10.4.0-rc2/main/manager.c

Propchange: tags/10.4.0-rc2/
------------------------------------------------------------------------------
Binary property 'branch-1.8-merged' - no diff available.

Propchange: tags/10.4.0-rc2/
------------------------------------------------------------------------------
--- svn:externals (original)
+++ svn:externals Tue Apr 24 11:13:07 2012
@@ -1,1 +1,1 @@
-menuselect https://origsvn.digium.com/svn/menuselect/tags/autotag_for_asterisk/10.4.0-rc1
+menuselect https://origsvn.digium.com/svn/menuselect/trunk
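Review bot: The `menuselect` external for a release tag now points at the floating `trunk` URL instead of the pinned `autotag_for_asterisk/10.4.0-rc1` path it replaces, so a later checkout of `tags/10.4.0-rc2` can pull a different menuselect than the one this rc was built and tested with. If the per-tag autotag is created in a later step of the release process this is presumably a transient state, but the tag should not ship with an unpinned external; pin it to a tag or a fixed revision (`menuselect -rREV https://origsvn.digium.com/svn/menuselect/trunk`) before the tag is published.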

Propchange: tags/10.4.0-rc2/
------------------------------------------------------------------------------
    svn:mergeinfo = /branches/10:363103-363104,363107,363156

Modified: tags/10.4.0-rc2/.version
URL: http://svnview.digium.com/svn/asterisk/tags/10.4.0-rc2/.version?view=diff&rev=363332&r1=363331&r2=363332
==============================================================================
--- tags/10.4.0-rc2/.version (original)
+++ tags/10.4.0-rc2/.version Tue Apr 24 11:13:07 2012
@@ -1,1 +1,1 @@
-10.4.0-rc1
+10.4.0-rc2

Modified: tags/10.4.0-rc2/ChangeLog
URL: http://svnview.digium.com/svn/asterisk/tags/10.4.0-rc2/ChangeLog?view=diff&rev=363332&r1=363331&r2=363332
==============================================================================
--- tags/10.4.0-rc2/ChangeLog (original)
+++ tags/10.4.0-rc2/ChangeLog Tue Apr 24 11:13:07 2012
@@ -1,3 +1,13 @@
+2012-04-24  Asterisk Development Team <asteriskteam at digium.com>
+
+	* Asterisk 10.4.0-rc2 Released.
+
+	* AST-2012-004
+
+	* AST-2012-005
+
+	* AST-2012-006
+
 2012-04-04  Asterisk Development Team <asteriskteam at digium.com>
 
 	* Asterisk 10.4.0-rc1 Released.

Modified: tags/10.4.0-rc2/channels/chan_sip.c
URL: http://svnview.digium.com/svn/asterisk/tags/10.4.0-rc2/channels/chan_sip.c?view=diff&rev=363332&r1=363331&r2=363332
==============================================================================
--- tags/10.4.0-rc2/channels/chan_sip.c (original)
+++ tags/10.4.0-rc2/channels/chan_sip.c Tue Apr 24 11:13:07 2012
@@ -22818,6 +22818,10 @@
 		transmit_response(p, "501 Method Not Implemented", req);
 		return 0;
 	}
+	if (!p->owner) {
+		transmit_response(p, "481 Call/Transaction Does Not Exist", req);
+		return 0;
+	}
 	if (get_rpid(p, req)) {
 		struct ast_party_connected_line connected;
 		struct ast_set_party_connected_line update_connected;
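Review bot: The new `if (!p->owner)` guard at L80 carries no comment, so a maintainer reading this later cannot tell which of the three advisories listed in the ChangeLog it closes or what it protects; the `p->owner` use it presumably guards is outside this hunk. I would add above it `/* No owner channel: nothing to apply the connected-line update to, and the code below dereferences p->owner. Reject the request instead of crashing. */`. Whether this is a point-in-time check or covers the whole function depends on what lock is held across the rest of the body, which this hunk does not show; worth confirming the dialog lock is held from here to the last `p->owner` use. The enclosing function starts before this hunk.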

Modified: tags/10.4.0-rc2/channels/chan_skinny.c
URL: http://svnview.digium.com/svn/asterisk/tags/10.4.0-rc2/channels/chan_skinny.c?view=diff&rev=363332&r1=363331&r2=363332
==============================================================================
--- tags/10.4.0-rc2/channels/chan_skinny.c (original)
+++ tags/10.4.0-rc2/channels/chan_skinny.c Tue Apr 24 11:13:07 2012
@@ -6592,7 +6592,8 @@
 	int res = 0;
 	struct skinny_speeddial *sd;
 	struct skinny_device *d = s->device;
-	
+	size_t len;
+
 	if ((!s->device) && (letohl(req->e) != REGISTER_MESSAGE && letohl(req->e) != ALARM_MESSAGE)) {
 		ast_log(LOG_WARNING, "Client sent message #%d without first registering.\n", req->e);
 		ast_free(req);
@@ -6662,8 +6663,13 @@
 				ast_log(LOG_WARNING, "Unsupported digit %d\n", digit);
 			}
 
-			sub->exten[strlen(sub->exten)] = dgt;
-			sub->exten[strlen(sub->exten)+1] = '\0';
+			len = strlen(sub->exten);
+			if (len < sizeof(sub->exten) - 1) {
+				sub->exten[len] = dgt;
+				sub->exten[len + 1] = '\0';
+			} else {
+				ast_log(AST_LOG_WARNING, "Dropping digit with value %d because digit queue is full\n", dgt);
+			}
 		} else
 			res = handle_keypad_button_message(req, s);
 		}
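Review bot: The bound at L110 relies on `sizeof(sub->exten)` being the size of an inline array member; the struct is outside this hunk, so if `exten` were ever changed to a pointer the check would silently compare against pointer size and truncate input at a handful of digits with no compile error. A comment such as `/* exten is an in-struct array; leave room for the terminating NUL */` above the check documents the assumption, or an `ARRAY_LEN`-style macro if the file has one. The new log call also uses `AST_LOG_WARNING` while the surrounding code in this function uses `LOG_WARNING` (L101, L104); pick one for consistency. The enclosing function starts before this hunk.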

Modified: tags/10.4.0-rc2/main/manager.c
URL: http://svnview.digium.com/svn/asterisk/tags/10.4.0-rc2/main/manager.c?view=diff&rev=363332&r1=363331&r2=363332
==============================================================================
--- tags/10.4.0-rc2/main/manager.c (original)
+++ tags/10.4.0-rc2/main/manager.c Tue Apr 24 11:13:07 2012
@@ -1219,6 +1219,19 @@
 	{ INT_MAX, "all" },
 	{ 0, "none" },
 };
+
+/*! \brief Checks to see if a string which can be used to evaluate functions should be rejected */
+static int function_capable_string_allowed_with_auths(const char *evaluating, int writepermlist)
+{
+	if (!(writepermlist & EVENT_FLAG_SYSTEM)
+		&& (
+			strstr(evaluating, "SHELL") ||       /* NoOp(${SHELL(rm -rf /)})  */
+			strstr(evaluating, "EVAL")           /* NoOp(${EVAL(${some_var_containing_SHELL})}) */
+		)) {
+		return 0;
+	}
+	return 1;
+}
 
 /*! \brief Convert authority code to a list of options */
 static const char *authority_to_str(int authority, struct ast_str **res)
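Review bot: `function_capable_string_allowed_with_auths` matches `SHELL` and `EVAL` with case-sensitive `strstr`, while the Originate check in the same commit matches application names with `strcasestr` (L180, L184); if dialplan function names are resolved case-insensitively as application names appear to be, which I cannot confirm from this page, then `${shell(...)}` or `${Eval(...)}` passes this check for a user without `EVENT_FLAG_SYSTEM`. Using `strcasestr(evaluating, "SHELL") || strcasestr(evaluating, "EVAL")` costs nothing here and removes the inconsistency. The brief doc comment should also state the contract honestly, since this is a substring denylist: it over-rejects unrelated names that contain these substrings (a variable called `MYSHELLVAR`) and only enumerates these two functions, so something like `/*! \brief Reject strings that could expand SHELL() or EVAL() unless the caller holds EVENT_FLAG_SYSTEM. Substring denylist: rejects any name containing these substrings and covers only these two functions. \return 1 if allowed, 0 if rejected. */`.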
@@ -3220,6 +3233,12 @@
 		return 0;
 	}
 
+	/* We don't want users with insufficient permissions using certain functions. */
+	if (!(function_capable_string_allowed_with_auths(varname, s->session->writeperm))) {
+		astman_send_error(s, m, "GetVar Access Forbidden: Variable");
+		return 0;
+	}
+
 	if (!ast_strlen_zero(name)) {
 		if (!(c = ast_channel_get_by_name(name))) {
 			astman_send_error(s, m, "No such channel");
@@ -3278,6 +3297,11 @@
 		snprintf(idText, sizeof(idText), "ActionID: %s\r\n", id);
 	} else {
 		idText[0] = '\0';
+	}
+
+	if (!(function_capable_string_allowed_with_auths(variables, s->session->writeperm))) {
+		astman_send_error(s, m, "Status Access Forbidden: Variables");
+		return 0;
 	}
 
 	if (all) {
@@ -4083,6 +4107,7 @@
 	}
 
 	if (!ast_strlen_zero(app)) {
+		int bad_appdata = 0;
 		/* To run the System application (or anything else that goes to
 		 * shell), you must have the additional System privilege */
 		if (!(s->session->writeperm & EVENT_FLAG_SYSTEM)
@@ -4093,10 +4118,13 @@
 				                                     TryExec(System(rm -rf /)) */
 				strcasestr(app, "agi") ||         /* AGI(/bin/rm,-rf /)
 				                                     EAGI(/bin/rm,-rf /)       */
-				strstr(appdata, "SHELL") ||       /* NoOp(${SHELL(rm -rf /)})  */
-				strstr(appdata, "EVAL")           /* NoOp(${EVAL(${some_var_containing_SHELL})}) */
+				strcasestr(app, "mixmonitor") ||  /* MixMonitor(blah,,rm -rf)  */
+				(strstr(appdata, "SHELL") && (bad_appdata = 1)) ||       /* NoOp(${SHELL(rm -rf /)})  */
+				(strstr(appdata, "EVAL") && (bad_appdata = 1))           /* NoOp(${EVAL(${some_var_containing_SHELL})}) */
 				)) {
-			astman_send_error(s, m, "Originate with certain 'Application' arguments requires the additional System privilege, which you do not have.");
+			char error_buf[64];
+			snprintf(error_buf, sizeof(error_buf), "Originate Access Forbidden: %s", bad_appdata ? "Data" : "Application");
+			astman_send_error(s, m, error_buf);
 			res = 0;
 			goto fast_orig_cleanup;
 		}
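Review bot: The `(strstr(appdata, "SHELL") && (bad_appdata = 1))` form at L185–L186 buries an assignment inside the denylist condition, which is easy to misread and is the kind of construct `-Wparentheses`-style checks complain about; computing `bad_appdata = strstr(appdata, "SHELL") || strstr(appdata, "EVAL");` before the `if` and testing `bad_appdata` in the condition reads plainly (the only behavioural difference is that the error says "Data" rather than "Application" when both an app and its data match, which seems acceptable). The same lines also show a case mismatch: application names are matched with `strcasestr` but `SHELL`/`EVAL` in `appdata` with `strstr`, so if dialplan functions are looked up case-insensitively the data check is bypassable with `${shell(...)}`; `strcasestr` for both closes that. The `if` condition this hunk extends begins before the hunk.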



