This patch addresses a number of memory leaks in a variety of modules that were
found by a static analysis tool. A brief summary of the changes:
* app_minivm: free ast_str objects on off nominal paths
* app_page: free the ast_dial object if the requested channel technology
cannot be appended to the dialing structure
* app_queue: if a penalty rule failed to match any existing rule list
names, the created rule would not be inserted and its memory
would be leaked
* app_read: dispose of the created silence detector in the presence of
off nominal circumstances
* app_voicemail: dispose of an allocated unique ID field for MWI event
un-subscribe requests in off nominal paths; dispose of
configuration objects when using the secret.conf option
* chan_dahdi: dispose of the allocated frame produced by ast_dsp_process
* chan_iax2: properly unref peer in CLI command "iax2 unregister"
* chan_sip: dispose of the allocated frame produced by sip_rtp_read's
call of ast_dsp_process; free memory in parse unit tests
* func_dialgroup: properly deref ao2 object grhead in nominal path of
dialgroup_read
* func_odbc: free resultset in off nominal paths of odbc_read
* cli: free match_list in off nominal paths of CLI match completion
* config: free comment_buffer/list_buffer when configuration file load
is unchanged; free the same buffers any time they were
created and config files were processed
* data: free XML nodes in various places
* enum: free context buffer in off nominal paths
* features: free ast_call_feature in off nominal paths of applicationmap
config processing
* netsock2: users of ast_sockaddr_resolve pass in an ast_sockaddr struct
that is allocated by the method. Failures in
ast_sockaddr_resolve could result in the users of the method
not knowing whether or not the buffer was allocated. The
method will now not allocate the ast_sockaddr struct if it
will return failure.
* pbx: cleanup hash table traversals in off nominal paths; free
ignore pattern buffer if it already exists for the specified
context
* xmldoc: cleanup various nodes when we no longer need them
* main/editline: various cleanup of pointers not being freed before being
assigned to other memory, cleanup along off nominal paths
* menuselect/mxml: cleanup of value buffer for an attribute when that attribute
did not specify a value
* res_calendar*: responses are allocated via the various *_request method
returns and should not be allocated in the various
write_event methods; ensure attendee buffer is freed if no
data exists in the parsed node; ensure that calendar objects
are de-ref'd appropriately
* res_jabber: free buffer in off nominal path
* res_musiconhold: close the DIR* object in off nominal paths
* res_rtp_asterisk: if we run out of ports, close the rtp socket object and free
the rtp object
* res_srtp: if we fail to create the session in libsrtp, destroy the
temporary ast_srtp object
(issue ASTERISK-19665)
Reported by: Matt Jordan
Review: https://reviewboard.asterisk.org/r/1922
........
Merged revisions 366880 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 366881 from http://svn.asterisk.org/svn/asterisk/branches/10
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@366917 65c4cc65-6c06-0410-ace0-fbb531ad65f3
There was a slight discrepancy in the behaviors of the old SIP_CAUSE and the
new SIP_CAUSE/HANGUPCAUSE when a channel had been originated and had not yet
been answered. This caused the noload_res_srtp_attempt_srtp test to fail since
the SIP_CAUSE variable was never actually set. This behavior has been restored.
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@366843 65c4cc65-6c06-0410-ace0-fbb531ad65f3
This patch improves the handling of call id logging significantly with regard
to transfers and adding APIs to better handle specific aspects of logging.
Also, changes have been made to chan_sip in order to better handle the creation
of callids and to enable the monitor thread to bind itself to a particular
call id when a dialog is determined to be related to a callid. It then unbinds
itself before returning to normal monitoring.
review: https://reviewboard.asterisk.org/r/1886/
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@366842 65c4cc65-6c06-0410-ace0-fbb531ad65f3
This is the starting point for the Asterisk 11: Who Hung Up work and provides
a framework which will allow channel drivers to report the types of hangup
cause information available in SIP_CAUSE without incurring the overhead of the
MASTER_CHANNEL dialplan function. The initial implementation only includes
cause generation for chan_sip and does not include cause code translation
utilities.
This change deprecates SIP_CAUSE and replaces its method of reporting cause
codes with the new framework. This change also deprecates the 'storesipcause'
option in sip.conf.
Review: https://reviewboard.asterisk.org/r/1822/
(Closes issue SWP-4221)
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@366408 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Before this patch, the predial routine executes on the ;1 channel of a
local channel pair. Executing predial on the ;1 channel of a local
channel pair is of limited utility. Any channel variables set by the
predial routine executing on the ;1 channel will not be available when the
local channel executes dialplan on the ;2 channel.
* Create ast_pre_call() and an associated pre_call() technology callback
to handle running the predial routine. If a channel technology does not
provide the callback, the predial routine is simply run on the channel.
Review: https://reviewboard.asterisk.org/r/1903/
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@366183 65c4cc65-6c06-0410-ace0-fbb531ad65f3
This resolves core findings from ASTERISK-19650 numbers 0-2, 6, 7, 9-11, 14-20,
22-24, 28, 30-32, 34-36, 42-56, 82-84, 87, 89-90, 93-102, 104, 105, 109-111,
and 115. Finding numbers 26, 33, and 29 were already resolved. Those skipped
were either extended/deprecated or in areas of code that shouldn't be
disturbed.
(Closes issue ASTERISK-19650)
........
Merged revisions 366167 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 366168 from http://svn.asterisk.org/svn/asterisk/branches/10
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@366169 65c4cc65-6c06-0410-ace0-fbb531ad65f3
The VoiceMail d([c]) option is documented to accept digits for a new extension
in context <c>, if played during the greeting. This option works fine if the
extension being redirected to has an extension with the same initial digit in
the channel's current context. If that digit did not happen to exist in some
extension, a dialplan match would fail and the user would not be redirected.
This patch fixes it such that if the <c> option is used, the extensions are
matched in that context as opposed to the caller's original context.
(closes issue ASTERISK-18243)
Reported by: mjordan
Tested by: mjordan
Review: https://reviewboard.asterisk.org/r/1892
........
Merged revisions 365474 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 365475 from http://svn.asterisk.org/svn/asterisk/branches/10
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@365477 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Most of the changes here are trivial NULL checks. There are a couple
optimizations to remove the need to check for NULL and outboundproxy parsing
in chan_sip.c was rewritten to avoid use of strtok. Additionally, a bug was
found and fixed with the parsing of outboundproxy when "outboundproxy=," was
set.
(Closes issue ASTERISK-19654)
........
Merged revisions 365398 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 365399 from http://svn.asterisk.org/svn/asterisk/branches/10
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@365400 65c4cc65-6c06-0410-ace0-fbb531ad65f3
........
r365006 | twilson | 2012-05-02 10:49:03 -0500 (Wed, 02 May 2012) | 12 lines
Fix a CEL LINKEDID_END race and local channel linkedids
This patch has the ;2 channel inherit the linkedid of the ;1 channel and fixes
the race condition by no longer scanning the channel list for "other" channels
with the same linkedid. Instead, cel.c has an ao2 container of linkedid strings
and uses the refcount of the string as a counter of how many channels with the
linkedid exist. Not only does this eliminate the race condition, but it also
allows us to look up the linkedid by the hashed key instead of traversing the
entire channel list.
Review: https://reviewboard.asterisk.org/r/1895/
........
r365068 | twilson | 2012-05-02 12:02:39 -0500 (Wed, 02 May 2012) | 11 lines
Don't leak a ref if out of memory and can't link the linkedid
If the ao2_link fails, we are most likely out of memory and bad things
are going to happen. Before those bad things happen, make sure to clean
up the linkedid references.
This patch also adds a comment explaining why linkedid can't be passed
to both local channel allocations and combines two ao2_ref calls into 1.
Review: https://reviewboard.asterisk.org/r/1895/
........
Merged revisions 365006,365068 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 365083 from http://svn.asterisk.org/svn/asterisk/branches/10
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@365084 65c4cc65-6c06-0410-ace0-fbb531ad65f3
In audiohook_read_frame_both, anytime samples are obtained from the read/write
factories a debug statement is logged stating that samples were not obtained
from the factories. This statement used to only occur if option_debug was
turned on and no samples were obtained; in some refactoring when the
option_debug statement was removed, the "else" clause was removed as well.
This patch makes it so that those debug log statements only occur if the
condition leading up to them actually happened.
........
Merged revisions 364965 from http://svn.asterisk.org/svn/asterisk/branches/10
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@364966 65c4cc65-6c06-0410-ace0-fbb531ad65f3
md5.c: In function ‘MD5Final’:
md5.c:154:2: error: dereferencing type-punned pointer will break strict-aliasing rules [-Werror=strict-aliasing]
md5.c:155:2: error: dereferencing type-punned pointer will break strict-aliasing rules [-Werror=strict-aliasing]
There is an md5 unit test and it still passes.
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@364462 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Add two new dialplan functions: FEATURE() and FEATUREMAP(). FEATURE()
lets you set some of the configuration options from the [general] section
of features.conf on a per-channel basis. FEATUREMAP() lets you customize
the key sequence used to activate built-in features, such as blindxfer,
and automon. See the built-in documentation for details.
Review: https://reviewboard.asterisk.org/r/1871/
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@364437 65c4cc65-6c06-0410-ace0-fbb531ad65f3
........
r364365 | twilson | 2012-04-27 17:31:01 -0500 (Fri, 27 Apr 2012) | 11 lines
Fix ast_parse_arg numeric type range checking and add tests
ast_parse_arg wasn't checking for strto* parse errors or limiting
the results by the actual range of the numeric types. This patch fixes
that and adds unit tests as well.
Review: https://reviewboard.asterisk.org/r/1879/
........
Merged revisions 364340 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
r364369 | twilson | 2012-04-27 17:33:10 -0500 (Fri, 27 Apr 2012) | 2 lines
Add missing test_config.c
........
Merged revisions 364365,364369 from http://svn.asterisk.org/svn/asterisk/branches/10
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@364397 65c4cc65-6c06-0410-ace0-fbb531ad65f3
When party B does an attended transfer of party A to party C, the
attending bridge between party B and C should not be running an h exten
when the bridge ends. Running an h exten now sets a softhangup flag to
ensure that an AGI will run in dead AGI mode.
* Set the AST_FLAG_BRIDGE_HANGUP_DONT on the party B channel for the
attending bridge between party B and C.
(closes issue AST-870)
(closes issue ASTERISK-19717)
Reported by: Mario
(closes issue ASTERISK-19633)
Reported by: Andrey Solovyev
Patches:
jira_asterisk_19633_v1.8.patch (license #5621) patch uploaded by rmudgett
Tested by: rmudgett, Andrey Solovyev, Mario
........
Merged revisions 364060 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 364065 from http://svn.asterisk.org/svn/asterisk/branches/10
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@364082 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Asterisk has a setting for the minimum allowed DTMF. If we get shorter
DTMF tones, these will be changed to the minimum on the outbound call
leg.
(closes issue ASTERISK-19772)
Review: https://reviewboard.asterisk.org/r/1882/
Reported by: oej
Tested by: oej
Patches by: oej
Thanks to the reviewers.
1.8 branch for this patch: agave-dtmf-duration-asterisk-conf-1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@363558 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Found a small amount of curly brackets in my hotel room here in Denmark.
I hereby donate them to the Asterisk project.
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@363480 65c4cc65-6c06-0410-ace0-fbb531ad65f3
1) B calls A with Dial option T
2) B DTMF atxfer to C
3) B hangs up
4) C does not answer
5) B is called back
6) B answers
7) B cannot initiate transfers anymore
* Add dial features datastore to recalled party B channel that is a copy
of the original party B channel's dial features datastore.
* Extracted add_features_datastore() from add_features_datastores().
* Renamed struct ast_dial_features features_caller and features_callee
members to my_features and peer_features respectively. These better names
eliminate the need for some explanatory comments.
* Simplified code accessing the struct ast_dial_features datastore.
(closes issue ASTERISK-19383)
Reported by: lgfsantos
........
Merged revisions 363428 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 363429 from http://svn.asterisk.org/svn/asterisk/branches/10
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@363430 65c4cc65-6c06-0410-ace0-fbb531ad65f3
As detailed in the advisory, AMI users without write authorization for SYSTEM class AMI
actions were able to run system commands by going through other AMI commands which did
not require that authorization. Specifically, GetVar and Status allowed users to do this
by setting their variable/s options to the SHELL or EVAL functions.
Also, within 1.8, 10, and trunk there was a similar flaw with the Originate action that
allowed users with originate permission to run MixMonitor and supply a shell command
in the Data argument. That flaw is fixed in those versions of this patch.
(closes issue ASTERISK-17465)
Reported By: David Woolley
Patches:
162_ami_readfunc_security_r2.diff uploaded by jrose (license 6182)
18_ami_readfunc_security_r2.diff uploaded by jrose (license 6182)
10_ami_readfunc_security_r2.diff uploaded by jrose (license 6182)
........
Merged revisions 363117 from http://svn.asterisk.org/svn/asterisk/branches/1.6.2
........
Merged revisions 363141 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 363156 from http://svn.asterisk.org/svn/asterisk/branches/10
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@363159 65c4cc65-6c06-0410-ace0-fbb531ad65f3
* Redo ast_app_run_sub()/ast_app_exec_sub() to use a known return point so
execution will stop after the routine returns there.
(s@gosub_virtual_context:1)
* Create ast_app_exec_macro() and ast_app_exec_sub() to run the macro and
gosub application respectively with the parameter string already created.
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@362962 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Move debug message in ast_rtp_instance_early_bridge_make_compatible() to
be output when what it states has actually happened.
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@362920 65c4cc65-6c06-0410-ace0-fbb531ad65f3
The Security Events Framework API was changed while adding the generation of
security events in chan_sip. A payload type and name was missed from being
added to struct ie_maps.
(closes issue ASTERISK-19759)
Reported by: Michael L. Young
Patches:
issue-asterisk-19759.diff uploaded by Michael L. Young (license 5026)
........
Merged revisions 362918 from http://svn.asterisk.org/svn/asterisk/branches/10
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@362919 65c4cc65-6c06-0410-ace0-fbb531ad65f3
The CHANNEL_DEADLOCK_AVOIDANCE() feature of preserving where the channel
lock was originally obtained is overkill where ast_channel_lock_both() was
inlined.
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@362888 65c4cc65-6c06-0410-ace0-fbb531ad65f3
ISDN ETSI PTP and Q.SIG (And SS7 in future) have support for reporting who
was the original redirecting party of a call.
* Added support for the original redirecting party and reason to the
REDIRECTING function and the system core as well as to the stubbed
locations in sig_pri.c.
Review: https://reviewboard.asterisk.org/r/1829/
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@362779 65c4cc65-6c06-0410-ace0-fbb531ad65f3
* chan_mobile: Fixed an overrun where the cind_state buffer (an integer array
of size 16) would be overrun due to improper bounds checking. At worst, the
buffer can be overrun by a total of 48 bytes (assuming 4-byte integers),
which would still leave it within the allocated memory of struct hfp. This
would corrupt other elements in that struct but not necessarily cause any
further issues.
* app_sms: The array imsg is of size 250, while the array (ud) that the data
is copied into is of size 160. If the size of the inbound message is
greater then 160, up to 90 bytes could be overrun in ud. This would corrupt
the user data header (array udh) adjacent to ud.
* chan_unistim: A number of invalid memmoves are corrected. These would move
data (which may or may not be valid) into the ends of these buffers.
* asterisk: ast_console_toggle_loglevel does not check that the console log
level being set is less then or equal to the allowed log levels of 32.
* format_pref: In ast_codec_pref_prepend, if any occurrence of the specified
codec is not found, the value used to index into the array pref->order
would be one greater then the maximum size of the array.
* jitterbuf: If the element being placed into the jitter buffer lands in the
last available slot in the jitter history buffer, the insertion sort attempts
to move the last entry in the buffer into one slot past the maximum length
of the buffer. Note that this occurred for both the min and max jitter
history buffers.
* tdd: If a read from fsk_serial returns a character that is greater then 32,
an attempt to read past one of the statically defined arrays containing the
values that character maps to would occur.
* localtime: struct ast_time and tm are not the same size - ast_time is larger,
although it contains the elements of tm within it in the same layout. Hence,
when using memcpy to copy the contents of tm into ast_time, the size of tm
should be used, as opposed to the size of ast_time.
* extconf: this treats ast_timing's minmask array as if it had a length of 48,
when it has defined the size of the array as 24. pbx.h defines minmask as
having a size of 48.
(issue ASTERISK-19668)
Reported by: Matt Jordan
........
Merged revisions 362485 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 362496 from http://svn.asterisk.org/svn/asterisk/branches/10
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@362497 65c4cc65-6c06-0410-ace0-fbb531ad65f3
This patch addresses a number of modules in main that did not handle the
negative return value from function calls adequately, or were not sufficiently
clear that the conditions leading to improper handling of the return values
could not occur. This includes:
* asterisk.c: A negative return value from the read function would be used
directly as an index into a buffer. We now check for success of the read
function prior to using its result as an index.
* manager.c: Check for failures in mkstemp and lseek when handling the
temporary file created for processing data returned from a CLI command in
action_command. Also check that the result of an lseek is sanitized prior
to using it as the size of a memory map to allocate.
(issue ASTERISK-19655)
Reported by: Matt Jordan
Review: https://reviewboard.asterisk.org/r/1863/
........
Merged revisions 362359 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 362360 from http://svn.asterisk.org/svn/asterisk/branches/10
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@362361 65c4cc65-6c06-0410-ace0-fbb531ad65f3
The current Security Events Framework API only supports IPv4 when it comes to
generating security events. This patch does the following:
* Changes the Security Events Framework API to support IPV6 and updates
the components that use this API.
* Eliminates an error message that was being generated since the current
implementation was treating an IPv6 socket address as if it was IPv4.
* Some copyright dates were updated on files touched by this patch.
(closes issue ASTERISK-19447)
Reported by: Michael L. Young
Tested by: Michael L. Young
Patches:
security_events_ipv6v3.diff uploaded by Michael L. Young (license 5026)
Review: https://reviewboard.asterisk.org/r/1777/
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@362200 65c4cc65-6c06-0410-ace0-fbb531ad65f3
ASTERISK-18809 eliminated the legacy macro invocation of the stdexten in
favor of the Gosub method without a means of backwards compatibility.
(issue ASTERISK-18809)
(closes issue ASTERISK-19457)
Reported by: Matt Jordan
Tested by: rmudgett
Review: https://reviewboard.asterisk.org/r/1855/
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@361998 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Doing Set(MESSAGE_DATA(key)=) would add an empty key header if the key
header did not already exist. If it already existed it would delete it.
* Made msg_set_var_full() exit early if the named variable did not already
exist and the value to set is empty.
........
Merged revisions 361522 from http://svn.asterisk.org/svn/asterisk/branches/10
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@361523 65c4cc65-6c06-0410-ace0-fbb531ad65f3
