[svn-commits] sgriepentrog: branch 1.8 r404674 - /branches/1.8/funcs/func_strings.c

SVN commits to the Digium repositories svn-commits at lists.digium.com
Thu Jan 2 13:32:24 CST 2014


Author: sgriepentrog
Date: Thu Jan  2 13:32:20 2014
New Revision: 404674

URL: http://svnview.digium.com/svn/asterisk?view=rev&rev=404674
Log:
func_strings: use memmove to prevent overlapping memory on strcpy

When calling REPLACE() with an empty replace-char argument, strcpy
is used to overwrite the the matching <find-char>.  However as the
src and dest arguments to strcpy must not overlap, it causes other
parts of the string to be overwritten with adjacent characters and
the result is mangled.  Patch replaces call to strcpy with memmove
and adds a test suite case for REPLACE.

(closes issue ASTERISK-22910)
Reported by: Gareth Palmer
Patches:
    func_strings.patch uploaded by Gareth Palmer (license 5169)


Modified:
    branches/1.8/funcs/func_strings.c

Modified: branches/1.8/funcs/func_strings.c
URL: http://svnview.digium.com/svn/asterisk/branches/1.8/funcs/func_strings.c?view=diff&rev=404674&r1=404673&r2=404674
==============================================================================
--- branches/1.8/funcs/func_strings.c (original)
+++ branches/1.8/funcs/func_strings.c Thu Jan  2 13:32:20 2014
@@ -823,8 +823,7 @@
 		 * directly there */
 		if (strchr(find, *strptr)) {
 			if (ast_strlen_zero(replace)) {
-				/* Remove character */
-				strcpy(strptr, strptr + 1); /* SAFE */
+				memmove(strptr, strptr + 1, strlen(strptr + 1) + 1);
 				strptr--;
 			} else {
 				/* Replace character */
@@ -1619,6 +1618,76 @@
 	return res;
 }
 
+AST_TEST_DEFINE(test_REPLACE)
+{
+	int i, res = AST_TEST_PASS;
+	struct ast_channel *chan;
+	struct ast_str *str;
+	char expression[256];
+	struct {
+		const char *test_string;
+		const char *find_chars;
+		const char *replace_char;
+		const char *expected;
+	} test_args[] = {
+		{"abc,def", "\\,", "-", "abc-def"},
+		{"abc,abc", "bc",  "a", "aaa,aaa"},
+		{"abc,def", "x",   "?", "abc,def"},
+		{"abc,def", "\\,", "",  "abcdef"}
+	};
+
+	switch (cmd) {
+	case TEST_INIT:
+		info->name = "func_REPLACE_test";
+		info->category = "/funcs/func_strings/";
+		info->summary = "Test REPLACE function";
+		info->description = "Verify REPLACE behavior";
+		return AST_TEST_NOT_RUN;
+	case TEST_EXECUTE:
+		break;
+	}
+
+	if (!(chan = ast_dummy_channel_alloc())) {
+		ast_test_status_update(test, "Unable to allocate dummy channel\n");
+		return AST_TEST_FAIL;
+	}
+
+	if (!(str = ast_str_create(16))) {
+		ast_test_status_update(test, "Unable to allocate dynamic string buffer\n");
+		ast_channel_release(chan);
+		return AST_TEST_FAIL;
+	}
+
+	for (i = 0; i < ARRAY_LEN(test_args); i++) {
+		struct ast_var_t *var = ast_var_assign("TEST_STRING", test_args[i].test_string);
+		if (!var) {
+			ast_test_status_update(test, "Out of memory\n");
+			res = AST_TEST_FAIL;
+			break;
+		}
+
+		AST_LIST_INSERT_HEAD(ast_channel_varshead(chan), var, entries);
+
+		snprintf(expression, sizeof(expression), "${REPLACE(%s,%s,%s)}", var->name, test_args[i].find_chars, test_args[i].replace_char);
+		ast_str_substitute_variables(&str, 0, chan, expression);
+
+		AST_LIST_REMOVE(ast_channel_varshead(chan), var, entries);
+		ast_var_delete(var);
+
+		if (strcasecmp(ast_str_buffer(str), test_args[i].expected)) {
+			ast_test_status_update(test, "Evaluation of '%s' returned '%s' instead of the expected value '%s'\n",
+				expression, ast_str_buffer(str), test_args[i].expected);
+			res = AST_TEST_FAIL;
+			break;
+		}
+	}
+
+	ast_free(str);
+	ast_channel_release(chan);
+
+	return res;
+}
+
 AST_TEST_DEFINE(test_FILTER)
 {
 	int i, res = AST_TEST_PASS;
@@ -1660,6 +1729,7 @@
 	int res = 0;
 
 	AST_TEST_UNREGISTER(test_FIELDNUM);
+	AST_TEST_UNREGISTER(test_REPLACE);
 	AST_TEST_UNREGISTER(test_FILTER);
 	res |= ast_custom_function_unregister(&fieldqty_function);
 	res |= ast_custom_function_unregister(&fieldnum_function);
@@ -1694,6 +1764,7 @@
 	int res = 0;
 
 	AST_TEST_REGISTER(test_FIELDNUM);
+	AST_TEST_REGISTER(test_REPLACE);
 	AST_TEST_REGISTER(test_FILTER);
 	res |= ast_custom_function_register(&fieldqty_function);
 	res |= ast_custom_function_register(&fieldnum_function);




More information about the svn-commits mailing list