Fix a CEL LINKEDID_END race and local channel linkedids
This patch has the ;2 channel inherit the linkedid of the ;1 channel and fixes
the race condition by no longer scanning the channel list for "other" channels
with the same linkedid. Instead, cel.c has an ao2 container of linkedid strings
and uses the refcount of the string as a counter of how many channels with the
linkedid exist. Not only does this eliminate the race condition, but it also
allows us to look up the linkedid by the hashed key instead of traversing the
entire channel list.
Don't leak a ref if out of memory and can't link the linkedid
If the ao2_link fails, we are most likely out of memory and bad things
are going to happen. Before those bad things happen, make sure to clean
up the linkedid references.
This patch also adds a comment explaining why linkedid can't be passed
to both local channel allocations and combines two ao2_ref calls into 1.
The security events framework API was changed in Asterisk 10 but the unit tests
were not updated at the same time.
This patch does the following:
* Adds two more security events that were added to the API
* Add challenge, received_challenge and received_hash in the inval_password
security event unit test
(issue ASTERISK-19760)
Reported by: Michael L. Young
Tested by: Michael L. Young
Patches:
issue-asterisk-19760-branch10.diff uploaded by Michael L. Young (license 5026)
Matthew Jordan [Wed, 2 May 2012 02:51:02 +0000 (02:51 +0000)]
Only log a failure to get read/write samples from factories if it didn't happen
In audiohook_read_frame_both, anytime samples are obtained from the read/write
factories a debug statement is logged stating that samples were not obtained
from the factories. This statement used to only occur if option_debug was
turned on and no samples were obtained; in some refactoring when the
option_debug statement was removed, the "else" clause was removed as well.
This patch makes it so that those debug log statements only occur if the
condition leading up to them actually happened.
........
Merged revisions 364965 from http://svn.asterisk.org/svn/asterisk/branches/10
Mark Michelson [Tue, 1 May 2012 23:23:44 +0000 (23:23 +0000)]
Remove a function that has been marked unused since Asterisk 1.6.0.
The reason I'm removing this is that Coverity reported a STRAY_SEMICOLON
issue here. Since the function has been unused for so long, I just elected
to remove it altogether.
Mark Michelson [Tue, 1 May 2012 23:11:22 +0000 (23:11 +0000)]
Fix Coverity-reported ARRAY_VS_SINGLETON error.
As it turned out, this wasn't a huge deal. We were calling
ast_app_parse_options() for a set of options of which none
took arguments. The proper thing to do for this case is to
pass NULL for the "args" parameter here. We were instead passing
a seemingly-randomly chosen char * from the function. While this
would never get written to, you can rest assured things would
have gotten bad had new options (which took arguments) been added
to func_volume.
(closes issue ASTERISK-19656)
........
Merged revisions 364899 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 364900 from http://svn.asterisk.org/svn/asterisk/branches/10
Kinsey Moore [Tue, 1 May 2012 19:10:48 +0000 (19:10 +0000)]
Play conf-placeintoconf message to the correct channel
Correct the code in app_confbridge to play the conf-placeintoconf message to
the marked user entering the bridge instead of to the conference while the
marked user hears silence.
(closes issue ASTERISK-19641) Reported-by: Mark A Walters
........
Merged revisions 364786 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 364787 from http://svn.asterisk.org/svn/asterisk/branches/10
Mark Michelson [Mon, 30 Apr 2012 19:51:55 +0000 (19:51 +0000)]
Revert revision 360862.
Revision 360862 was intended to improve identities sent in dialog-info
NOTIFY requests. Some users reported that hint became broken once this
was done. It's not clear exactly what part of the patch has caused this
regression, but broken hints are bad.
For now, this revision is being reverted so that the next releases of
Asterisk do not have bad behavior in them. The original reported issue
will have to be fixed differently in the next version of Asterisk.
(issue ASTERISK-16735)
........
Merged revisions 364706 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 364707 from http://svn.asterisk.org/svn/asterisk/branches/10
Matthew Jordan [Sun, 29 Apr 2012 19:50:57 +0000 (19:50 +0000)]
Fix error that caused truncate operations to fail
Another very inappropriate placement of a ')' (again introduced in r362151)
caused the various truncate operations to attempt to truncate the sound file
at a position of '0'.
Michael L. Young [Sun, 29 Apr 2012 02:23:22 +0000 (02:23 +0000)]
Fix configuring custom sound_leader_has_left in confbridge.conf
The configuration option to specify a custom sound_leader_has_left file for a
conference bridge was not being parsed. This patch fixes it so that a custom
sound file will now be used.
(closes issue ASTERISK-19771)
Reported by: Pawel Kuzak
Tested by: Pawel Kuzak, Michael L. Young
Patches: leaderhasleft_sound.dpatch uploaded by Pawel Kuzak (license 6380)
If enabled using the keepalive option in sip.conf a small packet will be sent
at a regular interval to keep the NAT mapping open. This is lightweight as the
remote side does not need to parse and handle a SIP message.
Russell Bryant [Sat, 28 Apr 2012 01:10:35 +0000 (01:10 +0000)]
app_minivm: Fix a couple compiler warnings.
The warnings were about argv[0] being used uninitialized, which is correct.
Just remove setting username to this value, since username is set again before
it actually gets used.
Russell Bryant [Sat, 28 Apr 2012 00:58:54 +0000 (00:58 +0000)]
features: Add FEATURE() and FEATUREMAP() functions.
Add two new dialplan functions: FEATURE() and FEATUREMAP(). FEATURE()
lets you set some of the configuration options from the [general] section
of features.conf on a per-channel basis. FEATUREMAP() lets you customize
the key sequence used to activate built-in features, such as blindxfer,
and automon. See the built-in documentation for details.
Fix ast_parse_arg numeric type range checking and add tests
ast_parse_arg wasn't checking for strto* parse errors or limiting
the results by the actual range of the numeric types. This patch fixes
that and adds unit tests as well.
Matthew Jordan [Fri, 27 Apr 2012 19:30:59 +0000 (19:30 +0000)]
Prevent overflow in calculation in ast_tvdiff_ms on 32-bit machines
The method ast_tvdiff_ms attempts to calculate the difference, in milliseconds,
between two timeval structs, and return the difference in a 64-bit integer.
Unfortunately, it assumes that the long tv_sec/tv_usec members in the timeval
struct are large enough to hold the calculated values before it returns. On
64-bit machines, this might be the case, as a long may be 64-bits. On 32-bit
machines, however, a long may be less (32-bits), in which case, the calculation
can overflow.
This overflow caused significant problems in MixMonitor, which uses the method
to determine if an audio factory, which has not presented audio to an audiohook,
is merely late in providing said audio or will never provide audio. In an
overflow situation, the audiohook would incorrectly determine that an audio
factory that will never provide audio is merely late instead. This led to
situations where a MixMonitor never recorded any audio. Note that this happened
most frequently when that MixMonitor was started by the ConfBridge application
itself, or when the MixMonitor was attached to a Local channel.
(issue ASTERISK-19497)
Reported by: Ben Klang
Tested by: Ben Klang
Patches:
32-bit-time-overflow-10-2012-04-26.diff (license #6283) by mjordan
(closes issue ASTERISK-19727)
Reported by: Mark Murawski
Tested by: Michael L. Young
Patches:
32-bit-time-overflow-2012-04-27.diff (license #6283) by mjordan)
Kinsey Moore [Fri, 27 Apr 2012 18:59:36 +0000 (18:59 +0000)]
Allow SIP pvts involved in Replaces transfers to fall out of reference sooner
Unref the SIP pvt stored in the refer structure as soon as it is no longer
needed so that the pvt and associated file descriptors can be freed sooner.
This change makes a reference decrement unnecessary in code that handles SIP
BYE/Also transfers which should not touch the reference anyway.
(Closes issue ASTERISK-19579)
Reported by: Maciej Krajewski
Tested by: Maciej Krajewski
........
Merged revisions 364258 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 364259 from http://svn.asterisk.org/svn/asterisk/branches/10
Matthew Jordan [Fri, 27 Apr 2012 14:45:08 +0000 (14:45 +0000)]
Allow for reloading SRTP crypto keys within the same SIP dialog
As a continuation of the patch in r356604, which allowed for the
reloading of SRTP keys in re-INVITE transfer scenarios, this patch
addresses the more common case where a new key is requested within
the context of a current SIP dialog. This can occur, for example, when
certain phones request a SIP hold.
Previously, once a dialog was associated with an SRTP object, any
subsequent attempt to process crypto keys in any SDP offer - either
the current one or a new offer in a new SIP request - were ignored. This
patch changes this behavior to only ignore subsequent crypto keys within
the current SDP offer, but allows future SDP offers to change the keys.
(issue ASTERISK-19253)
Reported by: Thomas Arimont
Tested by: Thomas Arimont
Stefan Schmidt [Fri, 27 Apr 2012 12:58:03 +0000 (12:58 +0000)]
fix a wrong behavior of alarm timezones in caldav and icalendar when an alarm doesnt use utc. This change uses the same timezone from the start time.
........
Merged revisions 364163 from http://svn.asterisk.org/svn/asterisk/branches/10
Richard Mudgett [Thu, 26 Apr 2012 20:35:41 +0000 (20:35 +0000)]
Fix DTMF atxfer running h exten after the wrong bridge ends.
When party B does an attended transfer of party A to party C, the
attending bridge between party B and C should not be running an h exten
when the bridge ends. Running an h exten now sets a softhangup flag to
ensure that an AGI will run in dead AGI mode.
* Set the AST_FLAG_BRIDGE_HANGUP_DONT on the party B channel for the
attending bridge between party B and C.
The reference held for SIP blind transfers using the Replaces header in an
INVITE was never freed on success and also failed to be freed in some error
conditions. This caused a file descriptor leak since the RTP structures in use
at the time of the transfer were never freed. This reference leak and another
relating to subscriptions in the same code path have now been corrected.
(closes issue ASTERISK-19579)
........
Merged revisions 363986 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 363987 from http://svn.asterisk.org/svn/asterisk/branches/10
Richard Mudgett [Wed, 25 Apr 2012 20:51:58 +0000 (20:51 +0000)]
Make DAHDISendCallreroutingFacility wait 5 seconds for a reply before disconnecting the call.
Some switches may not handle the call-deflection/call-rerouting message if
the call is disconnected too soon after being sent. Asteisk was not
waiting for any reply before disconnecting the call.
* Added a 5 second delay before disconnecting the call to wait for a
potential response if the peer does not disconnect first.
(closes issue ASTERISK-19708)
Reported by: mehdi Shirazi
Patches:
jira_asterisk_19708_v1.8.patch (license #5621) patch uploaded by rmudgett
Tested by: rmudgett
........
Merged revisions 363730 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 363734 from http://svn.asterisk.org/svn/asterisk/branches/10
Richard Mudgett [Wed, 25 Apr 2012 19:55:12 +0000 (19:55 +0000)]
Clear ISDN channel resetting state if the peer continues to use it.
Some ISDN switches occasionally fail to send a RESTART ACKNOWLEDGE in
response to a RESTART request.
* Made the second SETUP received after sending a RESTART request clear the
channel resetting state as if the peer had sent the expected RESTART
ACKNOWLEDGE before continuing to process the SETUP. The peer may not be
sending the expected RESTART ACKNOWLEDGE.
Richard Mudgett [Wed, 25 Apr 2012 01:26:44 +0000 (01:26 +0000)]
Fix recalled party B feature flags for a failed DTMF atxfer.
1) B calls A with Dial option T
2) B DTMF atxfer to C
3) B hangs up
4) C does not answer
5) B is called back
6) B answers
7) B cannot initiate transfers anymore
* Add dial features datastore to recalled party B channel that is a copy
of the original party B channel's dial features datastore.
* Extracted add_features_datastore() from add_features_datastores().
* Renamed struct ast_dial_features features_caller and features_callee
members to my_features and peer_features respectively. These better names
eliminate the need for some explanatory comments.
* Simplified code accessing the struct ast_dial_features datastore.
Jonathan Rose [Mon, 23 Apr 2012 14:48:22 +0000 (14:48 +0000)]
AST-2012-004: Fix an error that allows AMI users to run shell commands sans authorization.
As detailed in the advisory, AMI users without write authorization for SYSTEM class AMI
actions were able to run system commands by going through other AMI commands which did
not require that authorization. Specifically, GetVar and Status allowed users to do this
by setting their variable/s options to the SHELL or EVAL functions.
Also, within 1.8, 10, and trunk there was a similar flaw with the Originate action that
allowed users with originate permission to run MixMonitor and supply a shell command
in the Data argument. That flaw is fixed in those versions of this patch.
(closes issue ASTERISK-17465)
Reported By: David Woolley
Patches:
162_ami_readfunc_security_r2.diff uploaded by jrose (license 6182)
18_ami_readfunc_security_r2.diff uploaded by jrose (license 6182)
10_ami_readfunc_security_r2.diff uploaded by jrose (license 6182)
........
Merged revisions 363117 from http://svn.asterisk.org/svn/asterisk/branches/1.6.2
........
Merged revisions 363141 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 363156 from http://svn.asterisk.org/svn/asterisk/branches/10
Matthew Jordan [Mon, 23 Apr 2012 14:10:19 +0000 (14:10 +0000)]
AST-2012-006: Fix crash in UPDATE handling when no channel owner exists
If Asterisk receives a SIP UPDATE request after a call has been terminated and
the channel has been destroyed but before the SIP dialog has been destroyed, a
condition exists where a connected line update would be attempted on a
non-existing channel. This would cause Asterisk to crash. The patch resolves
this by first ensuring that the SIP dialog has an owning channel before
attempting a connected line update. If an UPDATE request is received and no
channel is associated with the dialog, a 481 response is sent.
(closes issue ASTERISK-19770)
Reported by: Thomas Arimont
Tested by: Matt Jordan
Patches:
ASTERISK-19278-2012-04-16.diff uploaded by Matt Jordan (license 6283)
........
Merged revisions 363106 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 363107 from http://svn.asterisk.org/svn/asterisk/branches/10
Matthew Jordan [Mon, 23 Apr 2012 13:53:24 +0000 (13:53 +0000)]
AST-2012-005: Fix remotely exploitable heap overflow in keypad button handling
When handling a keypad button message event, the received digit is placed into
a fixed length buffer that acts as a queue. When a new message event is
received, the length of that buffer is not checked before placing the new digit
on the end of the queue. The situation exists where sufficient keypad button
message events would occur that would cause the buffer to be overrun. This
patch explicitly checks that there is sufficient room in the buffer before
appending a new digit.
(closes issue ASTERISK-19592)
Reported by: Russell Bryant
........
Merged revisions 363100 from http://svn.asterisk.org/svn/asterisk/branches/1.6.2
........
Merged revisions 363102 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 363103 from http://svn.asterisk.org/svn/asterisk/branches/10
Russell Bryant [Sat, 21 Apr 2012 11:40:42 +0000 (11:40 +0000)]
res_corosync: reimplement "corosync show members" command.
Reimplement the "corosync show members" CLI command using a CPG iterator
instead of the cpg_membership_get API call. This will also show all
CPG members, including those in groups other than 'asterisk', which may
be useful at some point for debugging purposes.
Richard Mudgett [Fri, 20 Apr 2012 23:29:56 +0000 (23:29 +0000)]
Fix connected-line/redirecting interception gosubs executing more than intended.
* Redo ast_app_run_sub()/ast_app_exec_sub() to use a known return point so
execution will stop after the routine returns there.
(s@gosub_virtual_context:1)
* Create ast_app_exec_macro() and ast_app_exec_sub() to run the macro and
gosub application respectively with the parameter string already created.
Michael L. Young [Fri, 20 Apr 2012 16:50:38 +0000 (16:50 +0000)]
Add missing payload type to events API
The Security Events Framework API was changed while adding the generation of
security events in chan_sip. A payload type and name was missed from being
added to struct ie_maps.
(closes issue ASTERISK-19759)
Reported by: Michael L. Young
Patches:
issue-asterisk-19759.diff uploaded by Michael L. Young (license 5026)
........
Merged revisions 362918 from http://svn.asterisk.org/svn/asterisk/branches/10
Richard Mudgett [Fri, 20 Apr 2012 16:23:01 +0000 (16:23 +0000)]
Use ast_channel_lock_both() where it was inlined before.
The CHANNEL_DEADLOCK_AVOIDANCE() feature of preserving where the channel
lock was originally obtained is overkill where ast_channel_lock_both() was
inlined.
Terry Wilson [Fri, 20 Apr 2012 14:50:42 +0000 (14:50 +0000)]
Document Speech* apps hangup on failure and suggest TryExec
The Speech API apps return -1 on failure, which will hang up the channel. This
may not be desirable behavior for some, but it isn't something that can be
changed without breaking people's dialplans or writing an option to all of the
Speech apps that does what TryExec already does. This patch documents the
hangup behavior of the apps, and suggests TryExec as the solution.
(closes issue AST-813)
........
Merged revisions 362815 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 362816 from http://svn.asterisk.org/svn/asterisk/branches/10
Richard Mudgett [Fri, 20 Apr 2012 00:57:13 +0000 (00:57 +0000)]
Add original party id and reason support.
ISDN ETSI PTP and Q.SIG (And SS7 in future) have support for reporting who
was the original redirecting party of a call.
* Added support for the original redirecting party and reason to the
REDIRECTING function and the system core as well as to the stubbed
locations in sig_pri.c.
Michael L. Young [Thu, 19 Apr 2012 21:14:35 +0000 (21:14 +0000)]
Add leading and trailing backslashes
A couple of unit tests did not have have leading or trailing backslashes when
setting their test category resulting in a warning message being displayed.
Added the backslash where needed.
........
Merged revisions 362680 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 362681 from http://svn.asterisk.org/svn/asterisk/branches/10
Sean Bright [Thu, 19 Apr 2012 16:10:04 +0000 (16:10 +0000)]
Prevent a crash in ExternalIVR when the 'S' command is sent first.
If the first command sent from an ExternalIVR client is an 'S' command, we were
blindly removing the first element from the play list and deferencing it, even
if it was NULL. This corrects that and also locks appropriately in one place.
(issue ASTERISK-17889)
Reported by: Chris Maciejewski
........
Merged revisions 362586 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 362587 from http://svn.asterisk.org/svn/asterisk/branches/10
Terry Wilson [Thu, 19 Apr 2012 14:35:56 +0000 (14:35 +0000)]
Handle multiple commands per connection via netconsole
Asterisk would accept multiple NULL-delimited CLI commands via the
netconsole socket, but would occasionally miss a command due to the
command not being completely read into the buffer. This patch ensures
that any partial commands get moved to the front of the read buffer,
appended to, and properly sent.
Matthew Jordan [Thu, 19 Apr 2012 02:40:55 +0000 (02:40 +0000)]
Fix a variety of potential buffer overflows
* chan_mobile: Fixed an overrun where the cind_state buffer (an integer array
of size 16) would be overrun due to improper bounds checking. At worst, the
buffer can be overrun by a total of 48 bytes (assuming 4-byte integers),
which would still leave it within the allocated memory of struct hfp. This
would corrupt other elements in that struct but not necessarily cause any
further issues.
* app_sms: The array imsg is of size 250, while the array (ud) that the data
is copied into is of size 160. If the size of the inbound message is
greater then 160, up to 90 bytes could be overrun in ud. This would corrupt
the user data header (array udh) adjacent to ud.
* chan_unistim: A number of invalid memmoves are corrected. These would move
data (which may or may not be valid) into the ends of these buffers.
* asterisk: ast_console_toggle_loglevel does not check that the console log
level being set is less then or equal to the allowed log levels of 32.
* format_pref: In ast_codec_pref_prepend, if any occurrence of the specified
codec is not found, the value used to index into the array pref->order
would be one greater then the maximum size of the array.
* jitterbuf: If the element being placed into the jitter buffer lands in the
last available slot in the jitter history buffer, the insertion sort attempts
to move the last entry in the buffer into one slot past the maximum length
of the buffer. Note that this occurred for both the min and max jitter
history buffers.
* tdd: If a read from fsk_serial returns a character that is greater then 32,
an attempt to read past one of the statically defined arrays containing the
values that character maps to would occur.
* localtime: struct ast_time and tm are not the same size - ast_time is larger,
although it contains the elements of tm within it in the same layout. Hence,
when using memcpy to copy the contents of tm into ast_time, the size of tm
should be used, as opposed to the size of ast_time.
* extconf: this treats ast_timing's minmask array as if it had a length of 48,
when it has defined the size of the array as 24. pbx.h defines minmask as
having a size of 48.
(issue ASTERISK-19668)
Reported by: Matt Jordan
........
Merged revisions 362485 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 362496 from http://svn.asterisk.org/svn/asterisk/branches/10
Michael L. Young [Wed, 18 Apr 2012 17:03:16 +0000 (17:03 +0000)]
Fix building security events test
The Security Events Framework API changed in trunk to support IPv6. This broke
the building of the security events test which was based around IPv4. This
patches fixes the build by changing the test to conform to the new changes.
Richard Mudgett [Wed, 18 Apr 2012 16:41:17 +0000 (16:41 +0000)]
Add ability to ignore layer 1 alarms for BRI PTMP lines.
Several telcos bring the BRI PTMP layer 1 down when the line is idle.
When layer 1 goes down, Asterisk cannot make outgoing calls. Incoming
calls could fail as well because the alarm processing is handled by a
different code path than the Q.931 messages.
* Add the layer1_presence configuration option to ignore layer 1 alarms
when the telco brings layer 1 down. This option can be configured by span
while the similar DAHDI driver teignorered=1 option is system wide. This
option unlike layer2_persistence does not require libpri v1.4.13 or newer.
Related to JIRA AST-598
JIRA ABE-2845
........
Merged revisions 362428 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 362429 from http://svn.asterisk.org/svn/asterisk/branches/10
Matthew Jordan [Tue, 17 Apr 2012 21:23:25 +0000 (21:23 +0000)]
Handle case where an unknown format is used to get the preferred codec size
In ast_codec_pref_getsize, if an unknown format is passed to the method,
no preferred codec will be selected and a negative number will be used to
index into the format list. The method now logs an unknown format as a
warning, and returns an empty format list.
Matthew Jordan [Tue, 17 Apr 2012 21:14:49 +0000 (21:14 +0000)]
Fix places in resources where a negative return value could impact execution
This patch addresses a number of modules in resources that did not handle the
negative return value from function calls adequately. This includes:
* res_agi.c: if the result of the read function is a negative number,
indicating some failure, the result would instead be treated as the number
of bytes read. This patch now treats negative results in the same manner
as an end of file condition, with the exception that it also logs the
error code indicated by the return.
* res_musiconhold.c: if spawn_mp3 fails to assign a file descriptor to srcfd,
and instead assigns a negative value, that file descriptor could later be
passed to functions that require a valid file descriptor. If spawn_mp3 fails,
we now immediately retry instead of continuing in the logic.
* res_rtp_asterisk.c: if no codec can be matched between two RTP instances
in a peer to peer bridge, we immediately return instead of attempting to
use the codec payload type as an index to determine the appropriate negotiated
codec.
Jonathan Rose [Tue, 17 Apr 2012 21:10:50 +0000 (21:10 +0000)]
Make use of va_args more appropriate to form in various res_config modules plus utils.
A number of va_copy operations weren't matched with a corresponding va_end in res_config_odbc. Also, there was a potential for va_end to be invoked twice on the same va_arg in utils, which would mean invoking va_end on an undefined variable... which is bad.
va_end is removed from various functions in config_pgsql and config_curl since they aren't making their own copy. The invokers of those functions are responsible for calling va_end on them.
(issue ASTERISK-19451)
Reported by: Walter Doekes
Review: https://reviewboard.asterisk.org/r/1848/
........
Merged revisions 362354 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 362357 from http://svn.asterisk.org/svn/asterisk/branches/10
Matthew Jordan [Tue, 17 Apr 2012 21:08:05 +0000 (21:08 +0000)]
Fix places in main where a negative return value could impact execution
This patch addresses a number of modules in main that did not handle the
negative return value from function calls adequately, or were not sufficiently
clear that the conditions leading to improper handling of the return values
could not occur. This includes:
* asterisk.c: A negative return value from the read function would be used
directly as an index into a buffer. We now check for success of the read
function prior to using its result as an index.
* manager.c: Check for failures in mkstemp and lseek when handling the
temporary file created for processing data returned from a CLI command in
action_command. Also check that the result of an lseek is sanitized prior
to using it as the size of a memory map to allocate.
Matthew Jordan [Tue, 17 Apr 2012 20:59:25 +0000 (20:59 +0000)]
Fix places where a negative return from ftello could be used as invalid input
In a variety of locations in both reading and writing a file, the result
from the C library function ftello is used as input to other functions. For
the parameters and functions in question, a negative value is invalid input.
This patch checks the return value from the ftello function to determine if
we were able to determine the current position in the file stream and, if not,
fail gracefully.
Matthew Jordan [Tue, 17 Apr 2012 18:29:51 +0000 (18:29 +0000)]
Fix error that caused seek format operations to set max file size to '1' or '0'
A very inappropriate placement of a ')' (introduced in r362151) caused the
maximum size of a file to be set as the result of a comparison operation, as
opposed to the result of the ftello operation. This resulted in seeking being
restricted to the beginning of the file, or 1 byte into the file. Thanks to
the Asterisk Test Suite for properly freaking out about this on at least one
test.
(issue ASTERISK-19655)
Reported by: Matt Jordan
........
Merged revisions 362304 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 362305 from http://svn.asterisk.org/svn/asterisk/branches/10
Michael L. Young [Tue, 17 Apr 2012 15:00:02 +0000 (15:00 +0000)]
Turn off warning message when bind address is set to any.
When a bind address is set to an ANY address (udpbindport=::), a warning message
is displayed stating that "Address remapping activated in sip.conf but we're
using IPv6, which doesn't need it. Please remove 'localnet' and/or 'externaddr'
settings." But if one is running dual stack, we shouldn't be told to turn those
settings off.
This patch checks if the bind address is an ANY address or not. The warning
message will now only be displayed if the bind address is NOT an ANY address and
IPv6 is being used.
Also, updated the copyright year.
(closes issue ASTERISK-19456)
Reported by: Michael L. Young
Tested by: Michael L. Young
Patches:
chan_sip_ipv6_message.diff uploaded by Michael L. Young (license 5026)
........
Merged revisions 362253 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 362264 from http://svn.asterisk.org/svn/asterisk/branches/10
Matthew Jordan [Mon, 16 Apr 2012 21:58:06 +0000 (21:58 +0000)]
Fix negative return handling in channel drivers
In chan_agent, while handling a channel indicate, the agent channel driver
must obtain a lock on both the agent channel, as well as the channel the
agent channel is using. To do so, it attempts to lock the other channel
first, then unlock the agent channel which is locked prior to entry into
the indicate handler. If this unlock fails with a negative return value,
which can occur if the object passed to agent_indicate is an invalid ao2
object or is NULL, the return value is passed directly to strerror, which
can only accept positive integer values.
In chan_dahdi, the return value of dahdi_get_index is used to directly
index into the sub-channel array. If dahd_get_index returns a negative
value, it would use that value to index into the array, which could cause
an invalid memory access. If dahdi_get_index returns a negative number,
we now default to SUB_REAL.
Matthew Jordan [Mon, 16 Apr 2012 21:42:12 +0000 (21:42 +0000)]
Fix handling of negative return code when storing voicemails in ODBC storage
When storing a voicemail message using an ODBC connection to a database, the
voicemail message is first stored on disk. The sound file associated with
the message is read into memory before being transmitted to the database.
When this occurs, a failure in the C library's lseek function would cause a
negative value to be passed to the mmap as the size of the memory map to
create. This would almost certainly cause the creation of the memory map to
fail, resulting in the message being lost.
Michael L. Young [Mon, 16 Apr 2012 21:20:50 +0000 (21:20 +0000)]
Add IPv6 address support to security events framework.
The current Security Events Framework API only supports IPv4 when it comes to
generating security events. This patch does the following:
* Changes the Security Events Framework API to support IPV6 and updates
the components that use this API.
* Eliminates an error message that was being generated since the current
implementation was treating an IPv6 socket address as if it was IPv4.
* Some copyright dates were updated on files touched by this patch.
(closes issue ASTERISK-19447)
Reported by: Michael L. Young
Tested by: Michael L. Young
Patches:
security_events_ipv6v3.diff uploaded by Michael L. Young (license 5026)
Matthew Jordan [Mon, 16 Apr 2012 20:17:03 +0000 (20:17 +0000)]
Check for IO stream failures in various format's truncate/seek operations
For the formats that support seek and/or truncate operations, many of
the C library calls used to determine or set the current position indicator
in the file stream were not being checked. In some situations, if an error
occurred, a negative value would be returned from the library call. This
could then be interpreted inappropriately as positional data.
This patch checks the return values from these library calls before
using them in subsequent operations.
Jonathan Rose [Fri, 13 Apr 2012 16:12:17 +0000 (16:12 +0000)]
Make ForkCDR e option not set end time of the newly forked CDR log
Prior to this patch, ForkCDR's e option would immediately set the end time of the forked
CDR to that of the CDR that is being terminated. This resulted in the new CDR's end time
being roughly the same as it's beginning time (which is in turn roughly the same as the
original's end time).
(closes issue ASTERISK-19164)
Reported by: Steve Davies
Patches:
cdr_fork_end.v10.patch uploaded by Steve Davies (license 5012)
........
Merged revisions 362082 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 362084 from http://svn.asterisk.org/svn/asterisk/branches/10
Kinsey Moore [Thu, 12 Apr 2012 16:25:09 +0000 (16:25 +0000)]
Make trunkfreq take effect when set
Previously, setting trunkfreq had no effect on initial load or on reload and
only ever used the default value. This causes trunkfreq to be used
appropriately on initial load and reload.
Kinsey Moore [Thu, 12 Apr 2012 15:25:47 +0000 (15:25 +0000)]
Simplify build system architecture optimization
This change to the build system rips out any usage of PROC along with
architecture-specific optimizations in favor of using -march=native where it is
supported. This fixes broken builds on 64bit Intel systems and results in
better optimized code on systems running GCC 4.2+.
Jonathan Rose [Wed, 11 Apr 2012 17:20:08 +0000 (17:20 +0000)]
Change default value of 'ignorebusy' on Queue members so that behavior is more like 1.8
Prior to this patch, in order to restore that behavior, a function would have
to be used on the QueueMember to make the ringinuse option do anything, which
is pretty unreasonable.
(closes issue ASTERISK-19536)
reported by: Philippe Lindheimer
Review: https://reviewboard.asterisk.org/r/1860/
........
Merged revisions 361907 from http://svn.asterisk.org/svn/asterisk/branches/10
Richard Mudgett [Tue, 10 Apr 2012 21:50:46 +0000 (21:50 +0000)]
Prevent invalid access of free'd memory if DAHDI channel during an MWI event
In the MWI processing loop, when a valid event occurs the temporary caller ID
information is deallocated. If a new DAHDI channel is successfully created,
the event is passed up to the analog_ss_thread without error and the loop
exits. If, however, the DAHDI channel is not created, then the caller ID
struct has been free'd, and the gains reset to their previous level. This
will almost certainly cause an invalid access to the free'd memory, either
in subsequent calls to callerid_free or calls to callerid_feed.
* Rework the -r361705 patch to better manage the cs and mtd allocated
resources.
* Fixed use of mwimonitoractive flag to be correct if the mwi_thread()
fails to start.
........
Merged revisions 361854 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 361855 from http://svn.asterisk.org/svn/asterisk/branches/10
Matthew Jordan [Tue, 10 Apr 2012 19:58:04 +0000 (19:58 +0000)]
Fix crash caused by unloading or reloading of res_http_post
When unlinking itself from the registered HTTP URIs, res_http_post could
inadvertently free all URIs registered with the HTTP server. This patch
modifies the unregister method to only free the URI that is actually
being unregistered, as opposed to all of them.
........
Merged revisions 361803 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 361804 from http://svn.asterisk.org/svn/asterisk/branches/10
Matthew Jordan [Mon, 9 Apr 2012 21:47:54 +0000 (21:47 +0000)]
Allow func_curl to exit gracefully if list allocation fails during write
If the global_curl_info data structure could not be allocated, the
datastore associated with the operation would be free'd, but the function
would not return. This would later dereference the datastore, almost
certainly causing Asterisk to crash. With this patch, if the data
structure is not allocated the method will return an error code, and
not attempt any further operation.
........
Merged revisions 361753 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 361754 from http://svn.asterisk.org/svn/asterisk/branches/10
Matthew Jordan [Mon, 9 Apr 2012 20:55:53 +0000 (20:55 +0000)]
Prevent invalid access of free'd memory if DAHDI channel during an MWI event
In the MWI processing loop, when a valid event occurs the temporary caller ID
information is deallocated. If a new DAHDI channel is successfully created,
the event is passed up to the analog_ss_thread without error and the loop
exits. If, however, the DAHDI channel is not created, then the caller ID
struct has been free'd, and the gains reset to their previous level. This
will almost certainly cause an invalid access to the free'd memory, either
in subsequent calls to callerid_free or calls to callerid_feed.
This patch makes it so that we only free the caller ID structure if a
DAHDI channel is successfully created, and we bump the gains back up
if we fail to make a DAHDI channel.
........
Merged revisions 361705 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 361706 from http://svn.asterisk.org/svn/asterisk/branches/10
Matthew Jordan [Mon, 9 Apr 2012 19:44:35 +0000 (19:44 +0000)]
Change SHARED function to use a safe traversal when modifying a variable
When the SHARED function modifies a variable, it removes it from its list of
variables and reinserts the new value at the head of the list of variables.
Doing this inside a standard list traversal can be dangerous, as the
standard list traversal does not account for the list being changed. While
the code in question should not cause a use after free violation due to its
breaking out of the loop after freeing the variable, it could lead to a
maintenance issue if the loop was modified. This also fixes a violation
reported by a static analysis tool, which also makes this code easier to
maintain in the future.
........
Merged revisions 361657 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 361658 from http://svn.asterisk.org/svn/asterisk/branches/10
projects / thirdparty / asterisk.git / log
