diff options
| author | Richard Mudgett <rmudgett@digium.com> | 2016-07-27 17:17:53 -0500 |
|---|---|---|
| committer | Richard Mudgett <rmudgett@digium.com> | 2016-07-28 15:10:18 -0500 |
| commit | 873fc0fda596aa33115821329dfc556848ac2e9d (patch) | |
| tree | 55ace1d49d1f1a64a82dc91f7ad0aa5e09ec8027 | |
| parent | 7883f128d54a52c65741c0e03e69ba0cf27a4743 (diff) | |
pbx.c: Allow dangerous functions when adding a hint to dialplan.
We can allow dangerous functions when adding a hint since altering
dialplan is itself a privileged activity. Otherwise, we could never
execute dangerous functions.
ASTERISK-25996 #close
Reported by: Andrew Nagy
Change-Id: I4929ff100ad1200a0198262d069a34f2296e77ba
| -rw-r--r-- | include/asterisk/pbx.h | 12 | ||||
| -rw-r--r-- | main/pbx.c | 12 | ||||
| -rw-r--r-- | main/pbx_functions.c | 19 |
3 files changed, 41 insertions, 2 deletions
diff --git a/include/asterisk/pbx.h b/include/asterisk/pbx.h index d722e123f..1fc8df8c9 100644 --- a/include/asterisk/pbx.h +++ b/include/asterisk/pbx.h @@ -1598,6 +1598,18 @@ void pbx_live_dangerously(int new_live_dangerously); */ int ast_thread_inhibit_escalations(void); +/*! + * \brief Swap the current thread escalation inhibit setting. + * \since 11.24.0 + * + * \param inhibit New setting. Non-zero to inhibit. + * + * \retval 1 if dangerous function execution was inhibited. + * \retval 0 if dangerous function execution was allowed. + * \retval -1 on error. + */ +int ast_thread_inhibit_escalations_swap(int inhibit); + #if defined(__cplusplus) || defined(c_plusplus) } #endif diff --git a/main/pbx.c b/main/pbx.c index 5bafee337..822336d36 100644 --- a/main/pbx.c +++ b/main/pbx.c @@ -7095,13 +7095,25 @@ static int ast_add_extension2_lockopt(struct ast_context *con, /* If we are adding a hint evalulate in variables and global variables */ if (priority == PRIORITY_HINT && strstr(application, "${") && extension[0] != '_') { + int inhibited; struct ast_channel *c = ast_dummy_channel_alloc(); if (c) { ast_channel_exten_set(c, extension); ast_channel_context_set(c, con->name); } + + /* + * We can allow dangerous functions when adding a hint since + * altering dialplan is itself a privileged activity. Otherwise, + * we could never execute dangerous functions. + */ + inhibited = ast_thread_inhibit_escalations_swap(0); pbx_substitute_variables_helper(c, application, expand_buf, sizeof(expand_buf)); + if (0 < inhibited) { + ast_thread_inhibit_escalations(); + } + application = expand_buf; if (c) { ast_channel_unref(c); diff --git a/main/pbx_functions.c b/main/pbx_functions.c index bc738b043..558be461f 100644 --- a/main/pbx_functions.c +++ b/main/pbx_functions.c @@ -482,7 +482,6 @@ int ast_thread_inhibit_escalations(void) thread_inhibit_escalations = ast_threadstorage_get( &thread_inhibit_escalations_tl, sizeof(*thread_inhibit_escalations)); - if (thread_inhibit_escalations == NULL) { ast_log(LOG_ERROR, "Error inhibiting privilege escalations for current thread\n"); return -1; @@ -492,6 +491,23 @@ int ast_thread_inhibit_escalations(void) return 0; } +int ast_thread_inhibit_escalations_swap(int inhibit) +{ + int *thread_inhibit_escalations; + int orig; + + thread_inhibit_escalations = ast_threadstorage_get( + &thread_inhibit_escalations_tl, sizeof(*thread_inhibit_escalations)); + if (thread_inhibit_escalations == NULL) { + ast_log(LOG_ERROR, "Error swapping privilege escalations inhibit for current thread\n"); + return -1; + } + + orig = *thread_inhibit_escalations; + *thread_inhibit_escalations = !!inhibit; + return orig; +} + /*! * \brief Indicates whether the current thread inhibits the execution of * dangerous functions. @@ -505,7 +521,6 @@ static int thread_inhibits_escalations(void) thread_inhibit_escalations = ast_threadstorage_get( &thread_inhibit_escalations_tl, sizeof(*thread_inhibit_escalations)); - if (thread_inhibit_escalations == NULL) { ast_log(LOG_ERROR, "Error checking thread's ability to run dangerous functions\n"); /* On error, assume that we are inhibiting */ |