kenmirrors/asterisk
1
0
Fork 0
mirror of https://github.com/asterisk/asterisk.git synced 2025-10-12 15:45:18 +00:00
Code Issues Packages Projects Releases Wiki Activity

Audit ast_json_pack() calls for needed UTF-8 checks.

Browse Source 
Added needed UTF-8 checks before constructing json objects in various
files for strings obtained outside the system.  In this case string values
from a channel driver's peer and not from the user setting channel
variables.

* aoc.c: Fixed type mismatch in s_to_json() for time and granularity json
object construction.

ASTERISK-26466
Reported by: Richard Mudgett

Change-Id: Iac2d867fa598daba5c5dbc619b5464625a7f2096
This commit is contained in:
Richard Mudgett
2016-10-12 16:24:14 -05:00
parent 7f8f125738
commit 3c54328c57
6 changed files with 31 additions and 30 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
main/aoc.c
View File

@@ -1656,8 +1656,10 @@ static struct ast_json *units_to_json(const struct ast_aoc_decoded *decoded)
static struct ast_json *currency_to_json(const char *name, int cost,
enum ast_aoc_currency_multiplier mult)
{
return ast_json_pack("{s:s, s:i, s:s}", "Name", name,
"Cost", cost, "Multiplier", aoc_multiplier_str(mult));
return ast_json_pack("{s:s, s:i, s:s}",
"Name", AST_JSON_UTF8_VALIDATE(name),
"Cost", cost,
"Multiplier", aoc_multiplier_str(mult));
}
static struct ast_json *charge_to_json(const struct ast_aoc_decoded *decoded)
@@ -1692,9 +1694,8 @@ static struct ast_json *association_to_json(const struct ast_aoc_decoded *decode
{
switch (decoded->charging_association.charging_type) {
case AST_AOC_CHARGING_ASSOCIATION_NUMBER:
return ast_json_pack(
"{s:s, s:i}",
"Number", decoded->charging_association.charge.number.number,
return ast_json_pack("{s:s, s:i}",
"Number", AST_JSON_UTF8_VALIDATE(decoded->charging_association.charge.number.number),
"Plan", decoded->charging_association.charge.number.plan);
case AST_AOC_CHARGING_ASSOCIATION_ID:
return ast_json_pack(
@@ -1740,14 +1741,12 @@ static struct ast_json *s_to_json(const struct ast_aoc_decoded *decoded)
decoded->aoc_s_entries[i].rate.duration.amount,
decoded->aoc_s_entries[i].rate.duration.multiplier);
time = ast_json_pack(
"{s:i, s:s}",
time = ast_json_pack("{s:i, s:i}",
"Length", decoded->aoc_s_entries[i].rate.duration.time,
"Scale", decoded->aoc_s_entries[i].rate.duration.time_scale);
if (decoded->aoc_s_entries[i].rate.duration.granularity_time) {
granularity = ast_json_pack(
"{s:i, s:s}",
granularity = ast_json_pack("{s:i, s:i}",
"Length", decoded->aoc_s_entries[i].rate.duration.granularity_time,
"Scale", decoded->aoc_s_entries[i].rate.duration.granularity_time_scale);
}