diff options
author | Richard Mudgett <rmudgett@digium.com> | 2016-07-27 17:17:53 -0500 |
---|---|---|
committer | Richard Mudgett <rmudgett@digium.com> | 2016-07-28 15:11:33 -0500 |
commit | 68ebf86e2fbd0a8e60d32c17f8ce64d4db51b7a6 (patch) | |
tree | 0ff01439ca588e180f2a3419ca7fde36b93de16f /main/pbx.c | |
parent | 4cbb735c288d05ba113912b1af030231bd5f9872 (diff) |
pbx.c: Allow dangerous functions when adding a hint to dialplan.
We can allow dangerous functions when adding a hint since altering
dialplan is itself a privileged activity. Otherwise, we could never
execute dangerous functions.
ASTERISK-25996 #close
Reported by: Andrew Nagy
Change-Id: I4929ff100ad1200a0198262d069a34f2296e77ba
Diffstat (limited to 'main/pbx.c')
-rw-r--r-- | main/pbx.c | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/main/pbx.c b/main/pbx.c index 4d6d31ec4..27f1a4ecb 100644 --- a/main/pbx.c +++ b/main/pbx.c @@ -7153,13 +7153,25 @@ static int ast_add_extension2_lockopt(struct ast_context *con, /* If we are adding a hint evalulate in variables and global variables */ if (priority == PRIORITY_HINT && strstr(application, "${") && extension[0] != '_') { + int inhibited; struct ast_channel *c = ast_dummy_channel_alloc(); if (c) { ast_channel_exten_set(c, extension); ast_channel_context_set(c, con->name); } + + /* + * We can allow dangerous functions when adding a hint since + * altering dialplan is itself a privileged activity. Otherwise, + * we could never execute dangerous functions. + */ + inhibited = ast_thread_inhibit_escalations_swap(0); pbx_substitute_variables_helper(c, application, expand_buf, sizeof(expand_buf)); + if (0 < inhibited) { + ast_thread_inhibit_escalations(); + } + application = expand_buf; if (c) { ast_channel_unref(c); |