diff options
author | Richard Mudgett <rmudgett@digium.com> | 2016-10-12 16:24:14 -0500 |
---|---|---|
committer | Richard Mudgett <rmudgett@digium.com> | 2016-10-13 18:13:00 -0500 |
commit | 9c49b96374a9f631c75fc9953f825126c883ff4d (patch) | |
tree | f43da7d9cbb3a457efcfdd1e168587d97e9ad4c7 /main/aoc.c | |
parent | 774d5f7ef78f85a17c31c9dfbe51a96477d34940 (diff) |
Audit ast_json_pack() calls for needed UTF-8 checks.
Added needed UTF-8 checks before constructing json objects in various
files for strings obtained outside the system. In this case string values
from a channel driver's peer and not from the user setting channel
variables.
* aoc.c: Fixed type mismatch in s_to_json() for time and granularity json
object construction.
ASTERISK-26466
Reported by: Richard Mudgett
Change-Id: Iac2d867fa598daba5c5dbc619b5464625a7f2096
Diffstat (limited to 'main/aoc.c')
-rw-r--r-- | main/aoc.c | 17 |
1 files changed, 8 insertions, 9 deletions
diff --git a/main/aoc.c b/main/aoc.c index cd9c461c1..552c406a1 100644 --- a/main/aoc.c +++ b/main/aoc.c @@ -1656,8 +1656,10 @@ static struct ast_json *units_to_json(const struct ast_aoc_decoded *decoded) static struct ast_json *currency_to_json(const char *name, int cost, enum ast_aoc_currency_multiplier mult) { - return ast_json_pack("{s:s, s:i, s:s}", "Name", name, - "Cost", cost, "Multiplier", aoc_multiplier_str(mult)); + return ast_json_pack("{s:s, s:i, s:s}", + "Name", AST_JSON_UTF8_VALIDATE(name), + "Cost", cost, + "Multiplier", aoc_multiplier_str(mult)); } static struct ast_json *charge_to_json(const struct ast_aoc_decoded *decoded) @@ -1692,9 +1694,8 @@ static struct ast_json *association_to_json(const struct ast_aoc_decoded *decode { switch (decoded->charging_association.charging_type) { case AST_AOC_CHARGING_ASSOCIATION_NUMBER: - return ast_json_pack( - "{s:s, s:i}", - "Number", decoded->charging_association.charge.number.number, + return ast_json_pack("{s:s, s:i}", + "Number", AST_JSON_UTF8_VALIDATE(decoded->charging_association.charge.number.number), "Plan", decoded->charging_association.charge.number.plan); case AST_AOC_CHARGING_ASSOCIATION_ID: return ast_json_pack( @@ -1740,14 +1741,12 @@ static struct ast_json *s_to_json(const struct ast_aoc_decoded *decoded) decoded->aoc_s_entries[i].rate.duration.amount, decoded->aoc_s_entries[i].rate.duration.multiplier); - time = ast_json_pack( - "{s:i, s:s}", + time = ast_json_pack("{s:i, s:i}", "Length", decoded->aoc_s_entries[i].rate.duration.time, "Scale", decoded->aoc_s_entries[i].rate.duration.time_scale); if (decoded->aoc_s_entries[i].rate.duration.granularity_time) { - granularity = ast_json_pack( - "{s:i, s:s}", + granularity = ast_json_pack("{s:i, s:i}", "Length", decoded->aoc_s_entries[i].rate.duration.granularity_time, "Scale", decoded->aoc_s_entries[i].rate.duration.granularity_time_scale); } |