More possible crashes based upon invalid inputs.

(closes issue #18161)
 Reported by: wdoekes
 Patches:
       20110301__issue18161.diff.txt uploaded by tilghman (license 14)
 Tested by: wdoekes

git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.6.2@316093 65c4cc65-6c06-0410-ace0-fbb531ad65f3

diff --git a/funcs/func_curl.c b/funcs/func_curl.c
index 9d6a0c8460c5b1fe399238d1ca7bc2137721dce0..4a045a92d71ee5a695c997138570073c18982241 100644 (file)
--- a/funcs/func_curl.c
+++ b/funcs/func_curl.c
@@ -409,7 +409,11 @@ static int acf_curl_exec(struct ast_channel *chan, const char *cmd, char *info,
        AST_LIST_HEAD(global_curl_info, curl_settings) *list = NULL;
 
        *buf = '\0';
-       
+
+       if (!str) {
+               return -1;
+       }
+
        if (ast_strlen_zero(info)) {
                ast_log(LOG_WARNING, "CURL requires an argument (URL)\n");
                ast_free(str);
@@ -479,13 +483,12 @@ static int acf_curl_exec(struct ast_channel *chan, const char *cmd, char *info,
                        int rowcount = 0;
                        while (fields && values && (piece = strsep(&remainder, "&"))) {
                                char *name = strsep(&piece, "=");
-                               if (!piece) {
-                                       piece = "";
+                               if (piece) {
+                                       ast_uri_decode(piece);
                                }
-                               ast_uri_decode(piece);
                                ast_uri_decode(name);
                                ast_str_append(&fields, 0, "%s%s", rowcount ? "," : "", name);
-                               ast_str_append(&values, 0, "%s%s", rowcount ? "," : "", piece);
+                               ast_str_append(&values, 0, "%s%s", rowcount ? "," : "", S_OR(piece, ""));
                                rowcount++;
                        }
                        pbx_builtin_setvar_helper(chan, "~ODBCFIELDS~", ast_str_buffer(fields));