From: Tilghman Lesher Date: Mon, 2 May 2011 19:09:55 +0000 (+0000) Subject: Merged revisions 316093 via svnmerge from X-Git-Tag: 1.8.5-rc1~11^2~188 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=082850f4c9129089fbd7001677e2f9987d00e8b7;p=thirdparty%2Fasterisk.git Merged revisions 316093 via svnmerge from https://origsvn.digium.com/svn/asterisk/branches/1.6.2 ........ r316093 | tilghman | 2011-05-02 14:04:36 -0500 (Mon, 02 May 2011) | 8 lines More possible crashes based upon invalid inputs. (closes issue #18161) Reported by: wdoekes Patches: 20110301__issue18161.diff.txt uploaded by tilghman (license 14) Tested by: wdoekes ........ git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.8@316094 65c4cc65-6c06-0410-ace0-fbb531ad65f3 --- diff --git a/funcs/func_curl.c b/funcs/func_curl.c index d6c440257e..4d8fd0f801 100644 --- a/funcs/func_curl.c +++ b/funcs/func_curl.c @@ -462,6 +462,10 @@ static int acf_curl_helper(struct ast_channel *chan, const char *cmd, char *info *buf = '\0'; } + if (!str) { + return -1; + } + if (ast_strlen_zero(info)) { ast_log(LOG_WARNING, "CURL requires an argument (URL)\n"); ast_free(str); @@ -531,13 +535,12 @@ static int acf_curl_helper(struct ast_channel *chan, const char *cmd, char *info int rowcount = 0; while (fields && values && (piece = strsep(&remainder, "&"))) { char *name = strsep(&piece, "="); - if (!piece) { - piece = ""; + if (piece) { + ast_uri_decode(piece); } - ast_uri_decode(piece); ast_uri_decode(name); ast_str_append(&fields, 0, "%s%s", rowcount ? "," : "", name); - ast_str_append(&values, 0, "%s%s", rowcount ? "," : "", piece); + ast_str_append(&values, 0, "%s%s", rowcount ? "," : "", S_OR(piece, "")); rowcount++; } pbx_builtin_setvar_helper(chan, "~ODBCFIELDS~", ast_str_buffer(fields));