[asterisk-dev] [Code Review] 4132: config: Make ast_config_text_file_save and 'dialplan save' escape semicolons in values.

Kevin Harwell reviewboard at asterisk.org
Thu Oct 30 17:38:56 CDT 2014 

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviewboard.asterisk.org/r/4132/#review13637
-----------------------------------------------------------



branches/13/main/config.c
<https://reviewboard.asterisk.org/r/4132/#comment24148>

    Memory from alloca is stack allocated (gets freed at function end), so when used in a loop there is a potential for a stack overflow.  You might be able to replace it with a variable length array as I *think* those are scope de-allocated (might be platorm/compiler dependent though).



branches/13/pbx/pbx_config.c
<https://reviewboard.asterisk.org/r/4132/#comment24149>

    Same alloca problem here.



branches/13/pbx/pbx_config.c
<https://reviewboard.asterisk.org/r/4132/#comment24150>

    Another alloca problem.


- Kevin Harwell


On Oct. 30, 2014, 4:35 p.m., George Joseph wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviewboard.asterisk.org/r/4132/
> -----------------------------------------------------------
> 
> (Updated Oct. 30, 2014, 4:35 p.m.)
> 
> 
> Review request for Asterisk Developers and Birger Harzenetter.
> 
> 
> Bugs: ASTERISK-20127
>     https://issues.asterisk.org/jira/browse/ASTERISK-20127
> 
> 
> Repository: Asterisk
> 
> 
> Description
> -------
> 
> I've been locally patching for this issue for 2 years but now someone else (WIMPy) has run into the same problem.
> 
> When a config file is read, an unescaped semicolon signals comments which are stripped from the value before it's stored.  Escaped semicolons are then unescaped and become part of the value.  Both of these behaviors are normal and expected.  When the config is serialized either by 'dialplan save' or AMI/UpdateConfig however, the now unescaped semicolons are written as-is.  If you actually reload the file just saved, the unescaped semicolons are now treated as start of comments.
> 
> Example:
> 
> Lines such as 
> PAGING_HEADER = Call-Info: \;answer-after=0
> are being rewritten as 
> PAGING_HEADER = Call-Info: ;answer-after=0
> 
> On re-read, everything after the now-unescaped semicolon is read as a comment with the result that the file is effectively corrupted.
> 
> So...   Since true comments are stripped on read, any semicolons in ast_variable.value must have been escaped originally.  This patch re-escapes semicolons in ast_variable.values before they're written to file either by 'dialplan save' or config/ast_config_text_file_save which is called by AMI/UpdateConfig. I also fixed a few pre-existing formatting issues nearby in pbx_config.c
> 
> This patch is for 13 but it will be applied to 1.8 -> trunk.
> 
> 
> Diffs
> -----
> 
>   branches/13/tests/test_strings.c 426754 
>   branches/13/pbx/pbx_config.c 426754 
>   branches/13/main/utils.c 426754 
>   branches/13/main/config.c 426754 
>   branches/13/include/asterisk/utils.h 426754 
> 
> Diff: https://reviewboard.asterisk.org/r/4132/diff/
> 
> 
> Testing
> -------
> 
> Testsuite results before and after match.
> tests/manager/config will be updated to test escaped semicolons.
> A new testsuite test will be written to test dialplan save.
> 
> 
> Thanks,
> 
> George Joseph
> 
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-dev/attachments/20141030/7dfcf622/attachment-0001.html>

More information about the asterisk-dev mailing list