<html>
<body>
<div style="font-family: Verdana, Arial, Helvetica, Sans-Serif;">
<table bgcolor="#f9f3c9" width="100%" cellpadding="8" style="border: 1px #c9c399 solid;">
<tr>
<td>
This is an automatically generated e-mail. To reply, visit:
<a href="https://reviewboard.asterisk.org/r/2994/">https://reviewboard.asterisk.org/r/2994/</a>
</td>
</tr>
</table>
<br />
<div>
<table width="100%" border="0" bgcolor="white" style="border: 1px solid #C0C0C0; border-collapse: collapse; margin: 2px padding: 2px;">
<thead>
<tr>
<th colspan="4" bgcolor="#F0F0F0" style="border-bottom: 1px solid #C0C0C0; font-size: 9pt; padding: 4px 8px; text-align: left;">
<a href="https://reviewboard.asterisk.org/r/2994/diff/2/?file=48312#file48312line631" style="color: black; font-weight: bold; text-decoration: underline;">/branches/12/main/http.c</a>
<span style="font-weight: normal;">
(Diff revision 2)
</span>
</th>
</tr>
</thead>
<tbody>
<tr>
<th bgcolor="#b1ebb0" style="border-right: 1px solid #C0C0C0;" align="right"><font size="2"></font></th>
<td bgcolor="#c5ffc4" width="50%"><pre style="font-size: 8pt; line-height: 140%; margin: 0; "></pre></td>
<th bgcolor="#b1ebb0" style="border-left: 1px solid #C0C0C0; border-right: 1px solid #C0C0C0;" align="right"><font size="2">631</font></th>
<td bgcolor="#c5ffc4" width="50%"><pre style="font-size: 8pt; line-height: 140%; margin: 0; "><span class="tb"> </span><span class="tb"> </span><span class="tb"> </span><span class="k">return</span> <span class="n">atoi</span><span class="p">(</span><span class="n">v</span><span class="o">-></span><span class="n">value</span><span class="p">);</span></pre></td>
</tr>
</tbody>
</table>
<pre style="margin-left: 2em; white-space: pre-wrap; white-space: -moz-pre-wrap; white-space: -pre-wrap; white-space: -o-pre-wrap; word-wrap: break-word;">Particularly since this is coming from an external source, we should probably use sscanf.
You pretty much do all of your checking for this already in ast_http_get_json, so it might be a moot point, but hey - coding guidelines :-)</pre>
</div>
<br />
<div>
<table width="100%" border="0" bgcolor="white" style="border: 1px solid #C0C0C0; border-collapse: collapse; margin: 2px padding: 2px;">
<thead>
<tr>
<th colspan="4" bgcolor="#F0F0F0" style="border-bottom: 1px solid #C0C0C0; font-size: 9pt; padding: 4px 8px; text-align: left;">
<a href="https://reviewboard.asterisk.org/r/2994/diff/2/?file=48314#file48314line269" style="color: black; font-weight: bold; text-decoration: underline;">/branches/12/res/res_ari_applications.c</a>
<span style="font-weight: normal;">
(Diff revision 2)
</span>
</th>
</tr>
</thead>
<tbody style="background-color: #e4d9cb; padding: 4px 8px; text-align: center;">
<tr>
<td colspan="4"><pre style="font-size: 8pt; line-height: 140%; margin: 0; ">fin: __attribute__((unused))</pre></td>
</tr>
</tbody>
<tbody>
<tr>
<th bgcolor="#b1ebb0" style="border-right: 1px solid #C0C0C0;" align="right"><font size="2"></font></th>
<td bgcolor="#c5ffc4" width="50%"><pre style="font-size: 8pt; line-height: 140%; margin: 0; "></pre></td>
<th bgcolor="#b1ebb0" style="border-left: 1px solid #C0C0C0; border-right: 1px solid #C0C0C0;" align="right"><font size="2">269</font></th>
<td bgcolor="#c5ffc4" width="50%"><pre style="font-size: 8pt; line-height: 140%; margin: 0; "><span class="tb"> </span><span class="tb"> </span><span class="n">args</span><span class="p">.</span><span class="n">event_source_count</span> <span class="o">=</span> <span class="mi">1</span><span class="p">;</span></pre></td>
</tr>
<tr>
<th bgcolor="#b1ebb0" style="border-right: 1px solid #C0C0C0;" align="right"><font size="2"></font></th>
<td bgcolor="#c5ffc4" width="50%"><pre style="font-size: 8pt; line-height: 140%; margin: 0; "></pre></td>
<th bgcolor="#b1ebb0" style="border-left: 1px solid #C0C0C0; border-right: 1px solid #C0C0C0;" align="right"><font size="2">270</font></th>
<td bgcolor="#c5ffc4" width="50%"><pre style="font-size: 8pt; line-height: 140%; margin: 0; "><span class="tb"> </span><span class="tb"> </span><span class="n">args</span><span class="p">.</span><span class="n">event_source</span> <span class="o">=</span> <span class="n">ast_malloc</span><span class="p">(</span><span class="k">sizeof</span><span class="p">(</span><span class="o">*</span><span class="n">args</span><span class="p">.</span><span class="n">event_source</span><span class="p">)</span> <span class="o">*</span> <span class="n">args</span><span class="p">.</span><span class="n">event_source_count</span><span class="p">);</span></pre></td>
</tr>
</tbody>
</table>
<pre style="margin-left: 2em; white-space: pre-wrap; white-space: -moz-pre-wrap; white-space: -pre-wrap; white-space: -o-pre-wrap; word-wrap: break-word;">Why wouldn't we need to free args.event_source here as well? Could it not have been allocated previously on line 219 as well?</pre>
</div>
<br />
<div>
<table width="100%" border="0" bgcolor="white" style="border: 1px solid #C0C0C0; border-collapse: collapse; margin: 2px padding: 2px;">
<thead>
<tr>
<th colspan="4" bgcolor="#F0F0F0" style="border-bottom: 1px solid #C0C0C0; font-size: 9pt; padding: 4px 8px; text-align: left;">
<a href="https://reviewboard.asterisk.org/r/2994/diff/2/?file=48314#file48314line419" style="color: black; font-weight: bold; text-decoration: underline;">/branches/12/res/res_ari_applications.c</a>
<span style="font-weight: normal;">
(Diff revision 2)
</span>
</th>
</tr>
</thead>
<tbody style="background-color: #e4d9cb; padding: 4px 8px; text-align: center;">
<tr>
<td colspan="4"><pre style="font-size: 8pt; line-height: 140%; margin: 0; ">fin: __attribute__((unused))</pre></td>
</tr>
</tbody>
<tbody>
<tr>
<th bgcolor="#b1ebb0" style="border-right: 1px solid #C0C0C0;" align="right"><font size="2"></font></th>
<td bgcolor="#c5ffc4" width="50%"><pre style="font-size: 8pt; line-height: 140%; margin: 0; "></pre></td>
<th bgcolor="#b1ebb0" style="border-left: 1px solid #C0C0C0; border-right: 1px solid #C0C0C0;" align="right"><font size="2">419</font></th>
<td bgcolor="#c5ffc4" width="50%"><pre style="font-size: 8pt; line-height: 140%; margin: 0; "><span class="tb"> </span><span class="tb"> </span><span class="n">args</span><span class="p">.</span><span class="n">event_source_count</span> <span class="o">=</span> <span class="mi">1</span><span class="p">;</span></pre></td>
</tr>
<tr>
<th bgcolor="#b1ebb0" style="border-right: 1px solid #C0C0C0;" align="right"><font size="2"></font></th>
<td bgcolor="#c5ffc4" width="50%"><pre style="font-size: 8pt; line-height: 140%; margin: 0; "></pre></td>
<th bgcolor="#b1ebb0" style="border-left: 1px solid #C0C0C0; border-right: 1px solid #C0C0C0;" align="right"><font size="2">420</font></th>
<td bgcolor="#c5ffc4" width="50%"><pre style="font-size: 8pt; line-height: 140%; margin: 0; "><span class="tb"> </span><span class="tb"> </span><span class="n">args</span><span class="p">.</span><span class="n">event_source</span> <span class="o">=</span> <span class="n">ast_malloc</span><span class="p">(</span><span class="k">sizeof</span><span class="p">(</span><span class="o">*</span><span class="n">args</span><span class="p">.</span><span class="n">event_source</span><span class="p">)</span> <span class="o">*</span> <span class="n">args</span><span class="p">.</span><span class="n">event_source_count</span><span class="p">);</span></pre></td>
</tr>
</tbody>
</table>
<pre style="margin-left: 2em; white-space: pre-wrap; white-space: -moz-pre-wrap; white-space: -pre-wrap; white-space: -o-pre-wrap; word-wrap: break-word;">Same finding here.</pre>
</div>
<br />
<p>- Matt Jordan</p>
<br />
<p>On November 15th, 2013, 6:29 p.m. UTC, David Lee wrote:</p>
<table bgcolor="#fefadf" width="100%" cellspacing="0" cellpadding="8" style="background-image: url('https://reviewboard.asterisk.org/static/rb/images/review_request_box_top_bg.ab6f3b1072c9.png'); background-position: left top; background-repeat: repeat-x; border: 1px black solid;">
<tr>
<td>
<div>Review request for Asterisk Developers and Paul Belanger.</div>
<div>By David Lee.</div>
<p style="color: grey;"><i>Updated Nov. 15, 2013, 6:29 p.m.</i></p>
<div style="margin-top: 1.5em;">
<b style="color: #575012; font-size: 10pt; margin-top: 1.5em;">Bugs: </b>
<a href="https://issues.asterisk.org/jira/browse/ASTERISK-22685">ASTERISK-22685</a>
</div>
<div style="margin-top: 1.5em;">
<b style="color: #575012; font-size: 10pt;">Repository: </b>
Asterisk
</div>
<h1 style="color: #575012; font-size: 10pt; margin-top: 1.5em;">Description </h1>
<table width="100%" bgcolor="#ffffff" cellspacing="0" cellpadding="10" style="border: 1px solid #b8b5a0">
<tr>
<td>
<pre style="margin: 0; padding: 0; white-space: pre-wrap; white-space: -moz-pre-wrap; white-space: -pre-wrap; white-space: -o-pre-wrap; word-wrap: break-word;">The patch allows ARI to parse request parameters from an incoming JSON
request body, instead of requiring the request to come in as query
parameters (which is just weird for POST and DELETE) or form
parameters (which is okay, but a bit asymmetric given that all of our
responses are JSON).
For any operation that does _not_ have a parameter defined of type
body (i.e. "paramType": "body" in the API declaration), if a request
provides a request body with a Content type of "application/json", the
provided JSON document is parsed and searched for parameters.
The expected fields in the provided JSON document should match the
query parameters defined for the operation. If the parameter has
'allowMultiple' set, then the field in the JSON document may
optionally be an array of values.</pre>
</td>
</tr>
</table>
<h1 style="color: #575012; font-size: 10pt; margin-top: 1.5em;">Testing </h1>
<table width="100%" bgcolor="#ffffff" cellspacing="0" cellpadding="10" style="border: 1px solid #b8b5a0">
<tr>
<td>
<pre style="margin: 0; padding: 0; white-space: pre-wrap; white-space: -moz-pre-wrap; white-space: -pre-wrap; white-space: -o-pre-wrap; word-wrap: break-word;">Testsuite test.
See https://reviewboard.asterisk.org/r/2993/</pre>
</td>
</tr>
</table>
<h1 style="color: #575012; font-size: 10pt; margin-top: 1.5em;">Diffs</b> </h1>
<ul style="margin-left: 3em; padding-left: 0;">
<li>/branches/12/tests/test_ari.c <span style="color: grey">(402455)</span></li>
<li>/branches/12/rest-api-templates/swagger_model.py <span style="color: grey">(402455)</span></li>
<li>/branches/12/rest-api-templates/res_ari_resource.c.mustache <span style="color: grey">(402455)</span></li>
<li>/branches/12/rest-api-templates/param_parsing.mustache <span style="color: grey">(402455)</span></li>
<li>/branches/12/rest-api-templates/asterisk_processor.py <span style="color: grey">(402455)</span></li>
<li>/branches/12/res/res_ari_sounds.c <span style="color: grey">(402455)</span></li>
<li>/branches/12/res/res_ari_recordings.c <span style="color: grey">(402455)</span></li>
<li>/branches/12/res/res_ari_playback.c <span style="color: grey">(402455)</span></li>
<li>/branches/12/res/res_ari_endpoints.c <span style="color: grey">(402455)</span></li>
<li>/branches/12/res/res_ari_channels.c <span style="color: grey">(402455)</span></li>
<li>/branches/12/res/res_ari_bridges.c <span style="color: grey">(402455)</span></li>
<li>/branches/12/res/res_ari_asterisk.c <span style="color: grey">(402455)</span></li>
<li>/branches/12/res/res_ari_applications.c <span style="color: grey">(402455)</span></li>
<li>/branches/12/res/res_ari.c <span style="color: grey">(402455)</span></li>
<li>/branches/12/main/http.c <span style="color: grey">(402455)</span></li>
<li>/branches/12/include/asterisk/http.h <span style="color: grey">(402455)</span></li>
<li>/branches/12/include/asterisk/ari.h <span style="color: grey">(402455)</span></li>
</ul>
<p><a href="https://reviewboard.asterisk.org/r/2994/diff/" style="margin-left: 3em;">View Diff</a></p>
</td>
</tr>
</table>
</div>
</body>
</html>