pbx.c: Allow dangerous functions when adding a hint to dialplan.

We can allow dangerous functions when adding a hint since altering dialplan is itself a privileged activity. Otherwise, we could never execute dangerous functions. ASTERISK-25996 #close Reported by: Andrew Nagy Change-Id: I4929ff100ad1200a0198262d069a34f2296e77ba
2025-09-21 04:46:29 +00:00 · 2016-07-27 17:17:53 -05:00
parent 4cbb735c28
commit 68ebf86e2f
3 changed files with 41 additions and 2 deletions
--- a/main/pbx_functions.c
+++ b/main/pbx_functions.c
@@ -482,7 +482,6 @@ int ast_thread_inhibit_escalations(void)

 	thread_inhibit_escalations = ast_threadstorage_get(
 		&thread_inhibit_escalations_tl, sizeof(*thread_inhibit_escalations));
-
 	if (thread_inhibit_escalations == NULL) {
 		ast_log(LOG_ERROR, "Error inhibiting privilege escalations for current thread\n");
 		return -1;
@@ -492,6 +491,23 @@ int ast_thread_inhibit_escalations(void)
 	return 0;
 }

+int ast_thread_inhibit_escalations_swap(int inhibit)
+{
+	int *thread_inhibit_escalations;
+	int orig;
+
+	thread_inhibit_escalations = ast_threadstorage_get(
+		&thread_inhibit_escalations_tl, sizeof(*thread_inhibit_escalations));
+	if (thread_inhibit_escalations == NULL) {
+		ast_log(LOG_ERROR, "Error swapping privilege escalations inhibit for current thread\n");
+		return -1;
+	}
+
+	orig = *thread_inhibit_escalations;
+	*thread_inhibit_escalations = !!inhibit;
+	return orig;
+}
+
 /*!
 * \brief Indicates whether the current thread inhibits the execution of
 * dangerous functions.
@@ -505,7 +521,6 @@ static int thread_inhibits_escalations(void)

 	thread_inhibit_escalations = ast_threadstorage_get(
 		&thread_inhibit_escalations_tl, sizeof(*thread_inhibit_escalations));
-
 	if (thread_inhibit_escalations == NULL) {
 		ast_log(LOG_ERROR, "Error checking thread's ability to run dangerous functions\n");
 		/* On error, assume that we are inhibiting */