This fixes autological comparison warnings in the following:
* chan_skinny: letohl may return a signed or unsigned value, depending on the
macro chosen
* func_curl: Provide a specific cast to CURLoption to prevent mismatch
* cel: Fix enum comparisons where the enum can never be negative
* enum: Fix comparison of return result of dn_expand, which returns a signed
int value
* event: Fix enum comparisons where the enum can never be negative
* indications: tone_data.freq1 and freq2 are unsigned, and hence can never be
negative
* presencestate: Use the actual enum value for INVALID state
* security_events: Fix enum comparisons where the enum can never be negative
* udptl: Don't bother to check if the return value from encode_length is less
than 0, as it returns an unsigned int
* translate: Since the parameters are unsigned int, don't bother checking
to see if they are negative. The cast to unsigned int would already blow
past the matrix bounds.
Review: https://reviewboard.asterisk.org/r/4533
ASTERISK-24917
Reported by: dkdegroot
patches:
rb4533.patch submitted by dkdegroot (License 6600)
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@434469 65c4cc65-6c06-0410-ace0-fbb531ad65f3
This patch fixes a bug in a unit test in func_math where a variable could be
passed to ast_free that wasn't allocated. This patch corrects the issue and
ensures that we only attempt to free a variable if we previously allocated
it.
Review: https://reviewboard.asterisk.org/r/4552
ASTERISK-24917
Reported by: dkdegroot
patches:
rb4552.patch submitted by dkdegroot (License 6600)
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@434190 65c4cc65-6c06-0410-ace0-fbb531ad65f3
When r432935 was merged, it did correctly fix a situation where a FILE read
operation on the middle of a file buffer would not read the requested length
in the parameters passed to the FILE function. Unfortunately, it would also
allow the FILE function to append more bytes than what was available in the
buffer if the length exceeded the end of the buffer length.
This patch takes the minimum of the remaining bytes in the buffer along with
the calculated length to append provided by the original patch, and uses
that as the length to append in the return result. This patch also updates
the unit tests with the scenarios that were originally pointed out in
ASTERISK-21765 that the original implementation treated incorrectly.
ASTERISK-21765
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@433173 65c4cc65-6c06-0410-ace0-fbb531ad65f3
This code originally kept a lock held when performing the HTTP
request to ensure that the options provided to curl remain valid.
This doesn't seem to be necessary these days and holding the lock
caused requests to happen sequentially instead of in parallel.
ASTERISK-18708 #close
Reported by: Dave Cabot
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@432948 65c4cc65-6c06-0410-ace0-fbb531ad65f3
The loop that reads in a file was not correctly using the offset when
determining what bytes to append to the output. This patch corrects
the logic such that the correct portion of the file is extracted when an
offset is specified.
ASTERISK-21765
Reported by: John Zhong
Tested by: Matt Jordan, Di-Shi Sun
patches:
file_read_390821.patch uploaded by Di-Shi Sun (License 5076)
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@432935 65c4cc65-6c06-0410-ace0-fbb531ad65f3
CVE-2014-8150 disclosed a vulnerability in libcURL where HTTP request injection
can be performed given properly-crafted URLs.
Since Asterisk makes use of libcURL, and it is possible that users of Asterisk may
get cURL URLs from user input or remote sources, we have made a patch to Asterisk
to prevent such HTTP injection attacks from originating from Asterisk.
ASTERISK-24676 #close
Reported by Matt Jordan
Review: https://reviewboard.asterisk.org/r/4364
AST-2015-002
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@431297 65c4cc65-6c06-0410-ace0-fbb531ad65f3
When the channel datastore associated with the usage of CURLOPT on a specific
channel is freed, the underlying structure holding the list of options is not
disposed of. This patch properly frees the structure in the datastore .destroy
callback.
ASTERISK-24672 #close
Reported by: Kristian Hogh
patches:
func_curl-memory-leak.diff uploaded by Kristian Hogh (License 6639)
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@430487 65c4cc65-6c06-0410-ace0-fbb531ad65f3
The DB dialplan function when executed from an external protocol (for instance
AMI), could result in a privilege escalation.
Asterisk now inhibits the DB function from being executed from an external
interface if the live_dangerously option is set to no.
ASTERISK-24534
Reported by: Gareth Palmer
patches: submitted by Gareth Palmer (license 5169)
........
Merged revisions 428331 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@428363 65c4cc65-6c06-0410-ace0-fbb531ad65f3
When you call the CONFIG dialplan function with the name of a variable that
doesn't exist in the target context you get an ERROR. This does nothing but
clutter up the logs with messages that may be perfectly acceptable. Just
because a variable wasn't in the context doesn't mean it's an error. Maybei
t's optional or just needs to be defaulted or ignored.
This patch changes the log level from ERROR to DEBUG. If a dialplan developer
wants to debug their dialplan they still canby setting the console debug level
as needed.
Tested by: George Joseph
Review: https://reviewboard.asterisk.org/r/3919/
........
Merged revisions 421327 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@421328 65c4cc65-6c06-0410-ace0-fbb531ad65f3
The change that removed the fixed size buffers in odbc-related code --
removing arbitrary column width limits -- was incomplete. This change
adds: no segfault on writesql without insertsql and return value checks
after strdup.
While I was in the vicinity I cleaned up the linefeeds in the odbc
function descriptions, moved some code for clarity, removed some blobs
and noted (but didn't fix) that the 'odbc write ... exec' CLI command
doesn't behave as the dialplan equivalent when insertsql= is used.
#ASTERISK-23582 #close
Review: https://reviewboard.asterisk.org/r/3579/
........
Merged revisions 414997 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@414998 65c4cc65-6c06-0410-ace0-fbb531ad65f3
The per console verbose level feature as previously implemented caused a
large performance penalty. The fix required some minor incompatibilities
if the new rasterisk is used to connect to an earlier version. If the new
rasterisk connects to an older Asterisk version then the root console
verbose level is always affected by the "core set verbose" command of the
remote console even though it may appear to only affect the current
console. If an older version of rasterisk connects to the new version
then the "core set verbose" command will have no effect.
* Fixed the verbose performance by not generating a verbose message if
nothing is going to use it and then filtered any generated verbose
messages before actually sending them to the remote consoles.
* Split the "core set debug" and "core set verbose" CLI commands to remove
the per module verbose support that cannot work with the per console
verbose level.
* Added a silent option to the "core set verbose" command.
* Fixed "core set debug off" tab completion.
* Made "core show settings" list the current console verbosity in addition
to the root console verbosity.
* Changed the default verbose level of the 'verbose' setting in the
logger.conf [logfiles] section. The default is now to once again follow
the current root console level. As a result, using the AMI Command action
with "core set verbose" could again set the root console verbose level and
affect the verbose level logged.
(closes issue AST-1252)
Reported by: Guenther Kelleter
Review: https://reviewboard.asterisk.org/r/3114/
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@405431 65c4cc65-6c06-0410-ace0-fbb531ad65f3
When calling REPLACE() with an empty replace-char argument, strcpy
is used to overwrite the the matching <find-char>. However as the
src and dest arguments to strcpy must not overlap, it causes other
parts of the string to be overwritten with adjacent characters and
the result is mangled. Patch replaces call to strcpy with memmove
and adds a test suite case for REPLACE.
(closes issue ASTERISK-22910)
Reported by: Gareth Palmer
Review: https://reviewboard.asterisk.org/r/3083/
Patches:
func_strings.patch uploaded by Gareth Palmer (license 5169)
........
Merged revisions 404674 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@404675 65c4cc65-6c06-0410-ace0-fbb531ad65f3
This patch allows individual dialplan functions to be marked as
'dangerous', to inhibit their execution from external sources.
A 'dangerous' function is one which results in a privilege escalation.
For example, if one were to read the channel variable SHELL(rm -rf /)
Bad Things(TM) could happen; even if the external source has only read
permissions.
Execution from external sources may be enabled by setting
'live_dangerously' to 'yes' in the [options] section of asterisk.conf.
Although doing so is not recommended.
(closes issue ASTERISK-22905)
Review: http://reviewboard.digium.internal/r/432/
........
Merged revisions 403913 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@403917 65c4cc65-6c06-0410-ace0-fbb531ad65f3
The AST_CONFIG dialplan function defined in func_config.c allocates its
config file list entries using ast_malloc. List entry allocations
destined for use with Asterisk's linked list API must be ast_calloc()d
or otherwise initialized so that list pointers are set to NULL. These
uses of ast_malloc have been replaced by ast_calloc to prevent
dereferencing of uninitialized pointer values when traversing the list.
(closes issue ASTERISK-22483)
Reported by: Brian Scott
........
Merged revisions 400694 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@400697 65c4cc65-6c06-0410-ace0-fbb531ad65f3
This patch cleans up documentation in func_channel for the following items:
* rtpsource
* secure_signaling
* secure_media
* various OOH323 parameters
(closes issue ASTERISK-20969)
Reported by: snuffy
patches:
func_chan-update.diff uploaded by snuffy (License 5024)
........
Merged revisions 394980 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@394981 65c4cc65-6c06-0410-ace0-fbb531ad65f3
It is not apparent to the average user that the PASSTHRU function should not
be passed as ${PASSTHRU(string)} but just as PASSTHRU(string) to functions
which take a variable name and not its contents.
This patch clarifies the behavior in the documentation and provides an example.
(closes issue ASTERISK-21717)
Reported by: Richard Miller
patches:
func_strings.diff uploaded by Richard Miller (license 5685)
........
Merged revisions 394302 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@394303 65c4cc65-6c06-0410-ace0-fbb531ad65f3
This patch fixes a crash in Asterisk that could be caused by using the
PresenceState AMI action while providing an invalid provider. This patch
also adds some additional warnings when a user attempts to provide the
PresenceState action with invalid data, and removes some NOTICE statements
that were still lurking in the code from testing.
(closes issue AST-1084)
Reported by: John Bigelow
Tested by: John Bigelow
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@381594 65c4cc65-6c06-0410-ace0-fbb531ad65f3
When reading configuration data from an Asterisk .conf file or when pulling
data from an Asterisk RealTime backend, Asterisk was copying the data on the
stack for manipulation. Unfortunately, it is possible to read configuration
data or realtime data from some data source that provides a large blob of
characters. This could potentially cause a crash via a stack overflow.
This patch prevents large sets of data from being read from an ARA backend or
from an Asterisk conf file.
(issue ASTERISK-20658)
Reported by: wdoekes
Tested by: wdoekes, mmichelson
patches:
* issueA20658_dont_process_overlong_config_lines.patch uploaded by wdoekes (license 5674)
* issueA20658_func_realtime_limit.patch uploaded by wdoekes (license 5674)
........
Merged revisions 378375 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@378376 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Asterisk maintains an internal cache for devices in the event subsystem. The
device state cache holds the state of each device known to Asterisk, such that
consumers of device state information can query for the last known state for
a particular device, even if it is not part of an active call. The concept of
a device in Asterisk can include entities that do not have a physical
representation. One way that this occurred was when anonymous calls are allowed
in Asterisk. A device was automatically created and stored in the cache for
each anonymous call that occurred; this was possible in the SIP and IAX2
channel drivers and through channel drivers that utilized the
res_jabber/res_xmpp resource modules (Gtalk, Jingle, and Motif). These devices
are never removed from the system, allowing anonymous calls to potentially
exhaust a system's resources.
This patch changes the event cache subsystem and device state management to
no longer cache devices that are not associated with a physical entity.
(issue ASTERISK-20175)
Reported by: Russell Bryant, Leif Madsen, Joshua Colp
Tested by: kmoore
patches:
event-cachability-3.diff uploaded by jcolp (license 5000)
........
Merged revisions 378303 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 378320 from http://svn.asterisk.org/svn/asterisk/branches/10
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@378321 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Currently, if an acknowledgement of a timer fails Asterisk will not realize
that a serious error occurred and will continue attempting to use the timer's
file descriptor. This can lead to situations where errors stream to the
CLI/log file. This consumes significant resources, masks the actual problem
that occurred (whatever caused the timer to fail in the first place), and
can leave channels in odd states.
This patch propagates the errors in the timing resource modules up through
the timer core, and makes users of these timers handle acknowledgement
failures. It also adds some defensive coding around the use of timers
to prevent using bad file descriptors in off nominal code paths.
Note that the patch created by the issue reporter was modified slightly for
this commit and backported to 1.8, as it was originally written for
Asterisk 10.
Review: https://reviewboard.asterisk.org/r/2178/
(issue ASTERISK-20032)
Reported by: Jeremiah Gowdy
patches:
jgowdy-timerfd-6-22-2012.diff uploaded by Jeremiah Gowdy (license 6358)
........
Merged revisions 375893 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 375894 from http://svn.asterisk.org/svn/asterisk/branches/10
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@375895 65c4cc65-6c06-0410-ace0-fbb531ad65f3
* ASTERISK-20383
Missing named call pickup group features:
CHANNEL(callgroup) - Need CHANNEL(namedcallgroup)
CHANNEL(pickupgroup) - Need CHANNEL(namedpickupgroup)
Pickup() - Needs to also select from named pickup groups.
* ASTERISK-20384
Using the pickupexten, the pickup channel selection could fail even though
there was a call it could have picked up. In a call pickup race when
there are multiple calls to pickup and two extensions try to pickup a
call, it is conceivable that the loser will not pick up any call even
though it could have picked up the next oldest matching call.
Regression because of the named call pickup group feature.
* See ASTERISK-20386 for the implementation improvements. These are the
changes in channel.c and channel.h.
* Fixed some locking issues in CHANNEL().
(closes issue ASTERISK-20383)
Reported by: rmudgett
(closes issue ASTERISK-20384)
Reported by: rmudgett
(closes issue ASTERISK-20386)
Reported by: rmudgett
Tested by: rmudgett
Review: https://reviewboard.asterisk.org/r/2112/
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@373220 65c4cc65-6c06-0410-ace0-fbb531ad65f3
The name of the "HangupCauseClear" application is "HangupCauseClear",
not "HangupcauseClear". The incorrect case of 'cause' caused the
XML documentation to not register properly.
As an aside, this commit message felt very awkward, but I'm not sure
how else to note that "X", which has to be "X", was referred to as "x".
(closes issue ASTERISK-20253)
Reported by: Andrew Latham
Patches:
hangupcause.diff uploaded by Andrew Latham (license #5985)
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@371516 65c4cc65-6c06-0410-ace0-fbb531ad65f3
