kenmirrors
/
freeswitch
mirror of https://github.com/signalwire/freeswitch.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

add extra input checking for valid input on some api's and functions. 

git-svn-id: http://svn.freeswitch.org/svn/freeswitch/trunk@3583 d0543943-73ff-0310-b7d9-9358b9ac24b2
This commit is contained in:
Michael Jerris 2006-12-08 16:31:58 +00:00
parent ed298ed2db
commit 660159dff1
2 changed files with 16 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
src/mod/applications/mod_commands/mod_commands.c
View File

@ -162,7 +162,7 @@ static switch_status_t load_function(char *mod, switch_core_session_t *session,
return SWITCH_STATUS_SUCCESS; return SWITCH_STATUS_SUCCESS;
} }
static switch_status_t reload_function(char *mod, switch_core_session_t *session, switch_stream_handle_t *stream) static switch_status_t reload_function(char *args, switch_core_session_t *session, switch_stream_handle_t *stream)
{ {
const char *err; const char *err;
switch_xml_t xml_root; switch_xml_t xml_root;
@ -214,7 +214,7 @@ static switch_status_t transfer_function(char *cmd, switch_core_session_t *isess
argc = switch_separate_string(cmd, ' ', argv, (sizeof(argv) / sizeof(argv[0]))); argc = switch_separate_string(cmd, ' ', argv, (sizeof(argv) / sizeof(argv[0])));
if (argc < 2 || argc > 4) { if (switch_strlen_zero(cmd) || argc < 2 || argc > 4) {
stream->write_function(stream, "USAGE: %s\n", transfer_api_interface.syntax); stream->write_function(stream, "USAGE: %s\n", transfer_api_interface.syntax);
} else { } else {
char *uuid = argv[0]; char *uuid = argv[0];
@ -252,7 +252,7 @@ static switch_status_t uuid_media_function(char *cmd, switch_core_session_t *ise
argc = switch_separate_string(cmd, ' ', argv, (sizeof(argv) / sizeof(argv[0]))); argc = switch_separate_string(cmd, ' ', argv, (sizeof(argv) / sizeof(argv[0])));
if (argc < 1) { if (switch_strlen_zero(cmd) || argc < 1) {
stream->write_function(stream, "USAGE: %s\n", media_api_interface.syntax); stream->write_function(stream, "USAGE: %s\n", media_api_interface.syntax);
} else { } else {
if (!strcmp(argv[0], "off")) { if (!strcmp(argv[0], "off")) {
@ -284,7 +284,7 @@ static switch_status_t uuid_broadcast_function(char *cmd, switch_core_session_t
argc = switch_separate_string(cmd, ' ', argv, (sizeof(argv) / sizeof(argv[0]))); argc = switch_separate_string(cmd, ' ', argv, (sizeof(argv) / sizeof(argv[0])));
if (argc < 2) { if (switch_strlen_zero(cmd) || argc < 2) {
stream->write_function(stream, "USAGE: %s\n", broadcast_api_interface.syntax); stream->write_function(stream, "USAGE: %s\n", broadcast_api_interface.syntax);
} else { } else {
switch_media_flag_t flags = SMF_NONE; switch_media_flag_t flags = SMF_NONE;
@ -320,7 +320,7 @@ static switch_status_t uuid_hold_function(char *cmd, switch_core_session_t *ises
argc = switch_separate_string(cmd, ' ', argv, (sizeof(argv) / sizeof(argv[0]))); argc = switch_separate_string(cmd, ' ', argv, (sizeof(argv) / sizeof(argv[0])));
if (argc < 1) { if (switch_strlen_zero(cmd) || argc < 1) {
stream->write_function(stream, "USAGE: %s\n", hold_api_interface.syntax); stream->write_function(stream, "USAGE: %s\n", hold_api_interface.syntax);
} else { } else {
if (!strcmp(argv[0], "off")) { if (!strcmp(argv[0], "off")) {
@ -350,7 +350,7 @@ static switch_status_t uuid_bridge_function(char *cmd, switch_core_session_t *is
argc = switch_separate_string(cmd, ' ', argv, (sizeof(argv) / sizeof(argv[0]))); argc = switch_separate_string(cmd, ' ', argv, (sizeof(argv) / sizeof(argv[0])));
if (argc != 2) { if (switch_strlen_zero(cmd) || argc != 2) {
stream->write_function(stream, "USAGE: %s\n", uuid_bridge_api_interface.syntax); stream->write_function(stream, "USAGE: %s\n", uuid_bridge_api_interface.syntax);
} else { } else {
if (switch_ivr_uuid_bridge(argv[0], argv[1]) != SWITCH_STATUS_SUCCESS) { if (switch_ivr_uuid_bridge(argv[0], argv[1]) != SWITCH_STATUS_SUCCESS) {
@ -373,7 +373,7 @@ static switch_status_t pause_function(char *cmd, switch_core_session_t *isession
argc = switch_separate_string(cmd, ' ', argv, (sizeof(argv) / sizeof(argv[0]))); argc = switch_separate_string(cmd, ' ', argv, (sizeof(argv) / sizeof(argv[0])));
if (argc < 2) { if (switch_strlen_zero(cmd) || argc < 2) {
stream->write_function(stream, "USAGE: %s\n", pause_api_interface.syntax); stream->write_function(stream, "USAGE: %s\n", pause_api_interface.syntax);
} else { } else {
char *uuid = argv[0]; char *uuid = argv[0];

17
src/mod/applications/mod_dptools/mod_dptools.c
View File

@ -43,7 +43,7 @@ static void detect_speech_function(switch_core_session_t *session, char *data)
int argc; int argc;
char *lbuf = NULL; char *lbuf = NULL;
if ((lbuf = switch_core_session_strdup(session, data)) && (argc = switch_separate_string(lbuf, ' ', argv, (sizeof(argv) / sizeof(argv[0]))))) { if (data && (lbuf = switch_core_session_strdup(session, data)) && (argc = switch_separate_string(lbuf, ' ', argv, (sizeof(argv) / sizeof(argv[0]))))) {
if (!strcasecmp(argv[0], "grammar") && argc >= 1) { if (!strcasecmp(argv[0], "grammar") && argc >= 1) {
switch_ivr_detect_speech_load_grammar(session, argv[1], argv[2]); switch_ivr_detect_speech_load_grammar(session, argv[1], argv[2]);
} else if (!strcasecmp(argv[0], "nogrammar")) { } else if (!strcasecmp(argv[0], "nogrammar")) {
@ -77,7 +77,7 @@ static void transfer_function(switch_core_session_t *session, char *data)
char *argv[4] = {0}; char *argv[4] = {0};
char *mydata; char *mydata;
if ((mydata = switch_core_session_strdup(session, data))) { if (data && (mydata = switch_core_session_strdup(session, data))) {
if ((argc = switch_separate_string(mydata, ' ', argv, (sizeof(argv) / sizeof(argv[0])))) >= 1) { if ((argc = switch_separate_string(mydata, ' ', argv, (sizeof(argv) / sizeof(argv[0])))) >= 1) {
switch_ivr_session_transfer(session, argv[0], argv[1], argv[2]); switch_ivr_session_transfer(session, argv[0], argv[1], argv[2]);
} else { } else {
@ -144,7 +144,7 @@ static void log_function(switch_core_session_t *session, char *data)
channel = switch_core_session_get_channel(session); channel = switch_core_session_get_channel(session);
assert(channel != NULL); assert(channel != NULL);
if ((level = strdup(data))) { if (data && (level = strdup(data))) {
switch_event_types_t etype = SWITCH_LOG_DEBUG; switch_event_types_t etype = SWITCH_LOG_DEBUG;
if ((log_str = strchr(level, ' '))) { if ((log_str = strchr(level, ' '))) {
@ -220,7 +220,7 @@ static void strftime_function(switch_core_session_t *session, char *data)
int argc; int argc;
char *lbuf; char *lbuf;
if ((lbuf = switch_core_session_strdup(session, data))&&(argc = switch_separate_string(lbuf, '=', argv, (sizeof(argv) / sizeof(argv[0])))) > 1) { if (data && (lbuf = switch_core_session_strdup(session, data)) && (argc = switch_separate_string(lbuf, '=', argv, (sizeof(argv) / sizeof(argv[0])))) > 1) {
switch_size_t retsize; switch_size_t retsize;
switch_time_exp_t tm; switch_time_exp_t tm;
char date[80] = ""; char date[80] = "";
@ -238,12 +238,13 @@ static void strftime_function(switch_core_session_t *session, char *data)
static switch_status_t strftime_api_function(char *fmt, switch_core_session_t *session, switch_stream_handle_t *stream) static switch_status_t strftime_api_function(char *fmt, switch_core_session_t *session, switch_stream_handle_t *stream)
{ {
switch_size_t retsize; switch_size_t retsize;
switch_time_exp_t tm; switch_time_exp_t tm;
char date[80] = ""; char date[80] = "";
switch_time_exp_lt(&tm, switch_time_now()); switch_time_exp_lt(&tm, switch_time_now());
switch_strftime(date, &retsize, sizeof(date), fmt, &tm); switch_strftime(date, &retsize, sizeof(date), fmt ? fmt : "%Y-%m-%d %T", &tm);
stream->write_function(stream, date); stream->write_function(stream, date);
return SWITCH_STATUS_SUCCESS; return SWITCH_STATUS_SUCCESS;
@ -290,7 +291,7 @@ static switch_status_t chat_api_function(char *fmt, switch_core_session_t *sessi
char *lbuf, *argv[4]; char *lbuf, *argv[4];
int argc = 0; int argc = 0;
if ((lbuf = strdup(fmt)) && (argc = switch_separate_string(lbuf, '|', argv, (sizeof(argv) / sizeof(argv[0])))) == 4) { if (fmt && (lbuf = strdup(fmt)) && (argc = switch_separate_string(lbuf, '|', argv, (sizeof(argv) / sizeof(argv[0])))) == 4) {
switch_chat_interface_t *ci; switch_chat_interface_t *ci;
if ((ci = switch_loadable_module_get_chat_interface(argv[0]))) { if ((ci = switch_loadable_module_get_chat_interface(argv[0]))) {
@ -324,9 +325,9 @@ static switch_ivr_action_t menu_handler(switch_ivr_menu_t *menu, char *param, ch
static void ivr_application_function(switch_core_session_t *session, char *data) static void ivr_application_function(switch_core_session_t *session, char *data)
{ {
switch_channel_t *channel = switch_core_session_get_channel(session); switch_channel_t *channel = switch_core_session_get_channel(session);
char *params = switch_core_session_strdup(session,data); char *params;
if (channel != NULL && params != NULL) { if (channel && data && (params = switch_core_session_strdup(session,data))) {
switch_xml_t cxml = NULL, cfg = NULL, xml_menus = NULL, xml_menu = NULL; switch_xml_t cxml = NULL, cfg = NULL, xml_menus = NULL, xml_menu = NULL;
// Open the config from the xml registry // Open the config from the xml registry