diff options
| author | Kevin Harwell <kharwell@digium.com> | 2015-06-01 11:45:30 -0500 |
|---|---|---|
| committer | Kevin Harwell <kharwell@digium.com> | 2015-06-03 14:03:18 -0500 |
| commit | f5d5aa67dcdc274770c47b1a801a449fb83c2f79 (patch) | |
| tree | c751e639227e97ef718524eb482ae1acf4ed28bf /include | |
| parent | bc70904c053ccc3c14d2b2f87ee81b5e8ffadbbb (diff) | |
AMI: Escape string values.
So this issue is a bit complicated. Since it is possible to pass values to AMI
that contain a '\r\n' (or other similar sequences) these values need to be
escaped. One way to solve this is to escape the values and then pass the escaped
values to the AMI variable parameter string building function. However, this
puts the onus on the pre-build function to escape all string values. This
potentially requires a fair amount of changes along with a lot of string
allocations/freeing for all values.
Surely there is a way to push this complexity down a level into the string
building function itself? This of course is possible, but ends up requiring a
way to distinguish between strings that need to be escaped and those that don't.
The best way to handle this is by introducing a new format specifier in the
format string. For instance a %s (no escape) and %S (escape). However, that is
a bit weird and unexpected.
So faced with those possibilities this patch implements a limited version of the
first option. Instead of attempting to escape all string values this patch only
escapes those values that make sense. This approach limits the number of changes
and doesn't suffer from the odd format specifier problem.
ASTERISK-24934 #close
Reported by: warren smith
Change-Id: Ib55a5b84fe0481b0f2caaaab68c566f392c0aac0
Diffstat (limited to 'include')
| -rw-r--r-- | include/asterisk/strings.h | 53 |
1 files changed, 53 insertions, 0 deletions
diff --git a/include/asterisk/strings.h b/include/asterisk/strings.h index 7af92affc..d361293d0 100644 --- a/include/asterisk/strings.h +++ b/include/asterisk/strings.h @@ -310,6 +310,59 @@ char *ast_unescape_semicolon(char *s); char *ast_unescape_c(char *s); /*! + * \brief Escape the 'to_escape' characters in the given string. + * + * \note The given output buffer has to have enough memory allocated to store the + * original string plus any escaped values. + * + * \param dest the escaped string + * \param s the source string to escape + * \param num number of characters to be copied from the source + * \param to_escape an array of characters to escape + * + * \return Pointer to the destination. + */ +char* ast_escape(char *dest, const char *s, size_t num, const char *to_escape); + +/*! + * \brief Escape standard 'C' sequences in the given string. + * + * \note The given output buffer has to have enough memory allocated to store the + * original string plus any escaped values. + * + * \param dest the escaped string + * \param s the source string to escape + * \param num number of characters to be copied from the source + * \param to_escape an array of characters to escape + * + * \return Pointer to the escaped string. + */ +char* ast_escape_c(char *dest, const char *s, size_t num); + +/*! + * \brief Escape the 'to_escape' characters in the given string. + * + * \note Caller is responsible for freeing the returned string + * + * \param s the source string to escape + * \param to_escape an array of characters to escape + * + * \return Pointer to the escaped string or NULL. + */ +char *ast_escape_alloc(const char *s, const char *to_escape); + +/*! + * \brief Escape standard 'C' sequences in the given string. + * + * \note Caller is responsible for freeing the returned string + * + * \param s the source string to escape + * + * \return Pointer to the escaped string or NULL. + */ +char *ast_escape_c_alloc(const char *s); + +/*! \brief Size-limited null-terminating string copy. \param dst The destination buffer. \param src The source string |