kenmirrors/asterisk
1
0
Fork 0
mirror of https://github.com/asterisk/asterisk.git synced 2025-09-20 03:59:01 +00:00
Code Issues Packages Projects Releases Wiki Activity

strings.h: Fix issues with escape string functions.

Browse Source 
Fixes for issues with the ASTERISK-24934 patch.

* Fixed ast_escape_alloc() and ast_escape_c_alloc() if the s parameter is
an empty string.  If it were an empty string the functions returned NULL
as if there were a memory allocation failure.  This failure caused the AMI
VarSet event to not get posted if the new value was an empty string.

* Fixed dest buffer overwrite potential in ast_escape() and
ast_escape_c().  If the dest buffer size is smaller than the space needed
by the escaped s parameter string then the dest buffer would be written
beyond the end by the nul string terminator.  The num parameter was really
the dest buffer size parameter so I renamed it to size.

* Made nul terminate the dest buffer if the source string parameter s was
an empty string in ast_escape() and ast_escape_c().

* Updated ast_escape() and ast_escape_c() doxygen function description
comments to reflect reality.

* Added some more unit test cases to /main/strings/escape to cover the
empty source string issues.

ASTERISK-25255 #close
Reported by: Richard Mudgett

Change-Id: Id77fc704600ebcce81615c1200296f74de254104
This commit is contained in:
Richard Mudgett
2015-07-15 15:40:32 -05:00
parent 605c5d23a8
commit b34c4528ab
3 changed files with 87 additions and 28 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
include/asterisk/strings.h
View File

@@ -312,32 +312,33 @@ char *ast_unescape_c(char *s);
/*!
* \brief Escape the 'to_escape' characters in the given string.
*
* \note The given output buffer has to have enough memory allocated to store the
* original string plus any escaped values.
* \note The given output buffer will contain a truncated escaped
* version of the source string if the given buffer is not large
* enough.
*
* \param dest the escaped string
* \param s the source string to escape
* \param num number of characters to be copied from the source
* \param size The size of the destination buffer
* \param to_escape an array of characters to escape
*
* \return Pointer to the destination.
*/
char* ast_escape(char *dest, const char *s, size_t num, const char *to_escape);
char *ast_escape(char *dest, const char *s, size_t size, const char *to_escape);
/*!
* \brief Escape standard 'C' sequences in the given string.
*
* \note The given output buffer has to have enough memory allocated to store the
* original string plus any escaped values.
* \note The given output buffer will contain a truncated escaped
* version of the source string if the given buffer is not large
* enough.
*
* \param dest the escaped string
* \param s the source string to escape
* \param num number of characters to be copied from the source
* \param to_escape an array of characters to escape
* \param size The size of the destination buffer
*
* \return Pointer to the escaped string.
*/
char* ast_escape_c(char *dest, const char *s, size_t num);
char *ast_escape_c(char *dest, const char *s, size_t size);
/*!
* \brief Escape the 'to_escape' characters in the given string.