diff options
author | Richard Mudgett <rmudgett@digium.com> | 2016-10-12 16:24:14 -0500 |
---|---|---|
committer | Richard Mudgett <rmudgett@digium.com> | 2016-10-13 18:11:37 -0500 |
commit | 3c54328c572968a2e8e43257e1e521069a78379a (patch) | |
tree | 08b0a6094ae3cb16bdcdc2d094b0019086e1d891 /main | |
parent | 7f8f1257381e1697a0347b101382d57ebf2c0b06 (diff) |
Audit ast_json_pack() calls for needed UTF-8 checks.
Added needed UTF-8 checks before constructing json objects in various
files for strings obtained outside the system. In this case string values
from a channel driver's peer and not from the user setting channel
variables.
* aoc.c: Fixed type mismatch in s_to_json() for time and granularity json
object construction.
ASTERISK-26466
Reported by: Richard Mudgett
Change-Id: Iac2d867fa598daba5c5dbc619b5464625a7f2096
Diffstat (limited to 'main')
-rw-r--r-- | main/aoc.c | 17 | ||||
-rw-r--r-- | main/cel.c | 4 |
2 files changed, 10 insertions, 11 deletions
diff --git a/main/aoc.c b/main/aoc.c index 4ab931536..6c518765c 100644 --- a/main/aoc.c +++ b/main/aoc.c @@ -1656,8 +1656,10 @@ static struct ast_json *units_to_json(const struct ast_aoc_decoded *decoded) static struct ast_json *currency_to_json(const char *name, int cost, enum ast_aoc_currency_multiplier mult) { - return ast_json_pack("{s:s, s:i, s:s}", "Name", name, - "Cost", cost, "Multiplier", aoc_multiplier_str(mult)); + return ast_json_pack("{s:s, s:i, s:s}", + "Name", AST_JSON_UTF8_VALIDATE(name), + "Cost", cost, + "Multiplier", aoc_multiplier_str(mult)); } static struct ast_json *charge_to_json(const struct ast_aoc_decoded *decoded) @@ -1692,9 +1694,8 @@ static struct ast_json *association_to_json(const struct ast_aoc_decoded *decode { switch (decoded->charging_association.charging_type) { case AST_AOC_CHARGING_ASSOCIATION_NUMBER: - return ast_json_pack( - "{s:s, s:i}", - "Number", decoded->charging_association.charge.number.number, + return ast_json_pack("{s:s, s:i}", + "Number", AST_JSON_UTF8_VALIDATE(decoded->charging_association.charge.number.number), "Plan", decoded->charging_association.charge.number.plan); case AST_AOC_CHARGING_ASSOCIATION_ID: return ast_json_pack( @@ -1740,14 +1741,12 @@ static struct ast_json *s_to_json(const struct ast_aoc_decoded *decoded) decoded->aoc_s_entries[i].rate.duration.amount, decoded->aoc_s_entries[i].rate.duration.multiplier); - time = ast_json_pack( - "{s:i, s:s}", + time = ast_json_pack("{s:i, s:i}", "Length", decoded->aoc_s_entries[i].rate.duration.time, "Scale", decoded->aoc_s_entries[i].rate.duration.time_scale); if (decoded->aoc_s_entries[i].rate.duration.granularity_time) { - granularity = ast_json_pack( - "{s:i, s:s}", + granularity = ast_json_pack("{s:i, s:i}", "Length", decoded->aoc_s_entries[i].rate.duration.granularity_time, "Scale", decoded->aoc_s_entries[i].rate.duration.granularity_time_scale); } diff --git a/main/cel.c b/main/cel.c index 4abaac7c8..0cdf1be00 100644 --- a/main/cel.c +++ b/main/cel.c @@ -1237,10 +1237,10 @@ static void cel_parking_cb( if (parked_payload->retriever) { extra = ast_json_pack("{s: s, s: s}", - "reason", reason, + "reason", reason ?: "", "retriever", parked_payload->retriever->name); } else { - extra = ast_json_pack("{s: s}", "reason", reason); + extra = ast_json_pack("{s: s}", "reason", reason ?: ""); } if (extra) { |