diff options
author | Richard Mudgett <rmudgett@digium.com> | 2015-02-27 18:31:31 +0000 |
---|---|---|
committer | Richard Mudgett <rmudgett@digium.com> | 2015-02-27 18:31:31 +0000 |
commit | 9e841e4fb62f072f26f076bd4dd2a8eebe7a9e75 (patch) | |
tree | e0040f22d288c44f53089f95868540264a5689fe /main | |
parent | d79670b2694c22ab078e029a6a3b7e066d6ae531 (diff) |
ARI: Fix crash if integer values used in JSON payload 'variables' object.
Sending the following ARI commands caused Asterisk to crash if the JSON
body 'variables' object passes values of types other than strings.
POST /ari/channels
POST /ari/channels/{channelid}
PUT /ari/endpoints/sendMessage
PUT /ari/endpoints/{tech}/{resource}/sendMessage
* Eliminated RAII_VAR usage in ast_ari_channels_originate_with_id(),
ast_ari_channels_originate(), ast_ari_endpoints_send_message(), and
ast_ari_endpoints_send_message_to_endpoint().
ASTERISK-24751 #close
Reported by: jeffrey putnam
Review: https://reviewboard.asterisk.org/r/4447/
........
Merged revisions 432404 from http://svn.asterisk.org/svn/asterisk/branches/13
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@432405 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Diffstat (limited to 'main')
-rw-r--r-- | main/json.c | 29 |
1 files changed, 22 insertions, 7 deletions
diff --git a/main/json.c b/main/json.c index 88e807772..35e6f16ce 100644 --- a/main/json.c +++ b/main/json.c @@ -882,32 +882,47 @@ struct ast_json *ast_json_party_id(struct ast_party_id *party) return ast_json_ref(json_party_id); } -int ast_json_to_ast_variables(struct ast_json *json_variables, struct ast_variable **variables) +enum ast_json_to_ast_vars_code ast_json_to_ast_variables(struct ast_json *json_variables, struct ast_variable **variables) { struct ast_json_iter *it_json_var; *variables = NULL; for (it_json_var = ast_json_object_iter(json_variables); it_json_var; - it_json_var = ast_json_object_iter_next(json_variables, it_json_var)) { + it_json_var = ast_json_object_iter_next(json_variables, it_json_var)) { struct ast_variable *new_var; const char *key = ast_json_object_iter_key(it_json_var); + const char *value; + struct ast_json *json_value; if (ast_strlen_zero(key)) { continue; } - new_var = ast_variable_new(key, - ast_json_string_get(ast_json_object_iter_value(it_json_var)), - ""); + json_value = ast_json_object_iter_value(it_json_var); + if (ast_json_typeof(json_value) != AST_JSON_STRING) { + /* Error: Only strings allowed */ + ast_variables_destroy(*variables); + *variables = NULL; + return AST_JSON_TO_AST_VARS_CODE_INVALID_TYPE; + } + value = ast_json_string_get(json_value); + /* Should never be NULL. Otherwise, how could it be a string type? */ + ast_assert(value != NULL); + if (!value) { + /* To be safe. */ + continue; + } + new_var = ast_variable_new(key, value, ""); if (!new_var) { + /* Error: OOM */ ast_variables_destroy(*variables); *variables = NULL; - return -1; + return AST_JSON_TO_AST_VARS_CODE_OOM; } ast_variable_list_append(variables, new_var); } - return 0; + return AST_JSON_TO_AST_VARS_CODE_SUCCESS; } |