diff options
| author | David M. Lee <dlee@digium.com> | 2013-08-21 16:23:59 +0000 |
|---|---|---|
| committer | David M. Lee <dlee@digium.com> | 2013-08-21 16:23:59 +0000 |
| commit | 5762c1b4ac5c1519463b31ab7078fcd9cb55a393 (patch) | |
| tree | e4b1dd24f8908070538a5eeec1bbc8379a0ed934 /res/ari | |
| parent | a6da087716478b4a54defb17d56a9574548a8d2a (diff) | |
ARI: Correct segfault with /variable calls are missing ?variable parameter.
Both /asterisk/variable and /channel/{channelId}/variable requires a
?variable parameter to be passed into the query. But we weren't checking
for the parameter being missing, which caused a segfault.
All calls now properly return 400 Bad Request errors when the parameter
is missing. The Swagger api-docs were updated accordingly.
(closes issue ASTERISK-22273)
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@397306 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Diffstat (limited to 'res/ari')
| -rw-r--r-- | res/ari/resource_asterisk.c | 10 | ||||
| -rw-r--r-- | res/ari/resource_channels.c | 19 |
2 files changed, 23 insertions, 6 deletions
diff --git a/res/ari/resource_asterisk.c b/res/ari/resource_asterisk.c index 6f2eb8027..268c07132 100644 --- a/res/ari/resource_asterisk.c +++ b/res/ari/resource_asterisk.c @@ -143,12 +143,20 @@ void ast_ari_get_asterisk_info(struct ast_variable *headers, void ast_ari_get_global_var(struct ast_variable *headers, struct ast_get_global_var_args *args, struct ast_ari_response *response) { RAII_VAR(struct ast_json *, json, NULL, ast_json_unref); - RAII_VAR(struct ast_str *, tmp, ast_str_create(32), ast_free); + RAII_VAR(struct ast_str *, tmp, NULL, ast_free); const char *value; ast_assert(response != NULL); + if (ast_strlen_zero(args->variable)) { + ast_ari_response_error( + response, 400, "Bad Request", + "Variable name is required"); + return; + } + + tmp = ast_str_create(32); if (!tmp) { ast_ari_response_alloc_failed(response); return; diff --git a/res/ari/resource_channels.c b/res/ari/resource_channels.c index dd323bac5..29ceb778f 100644 --- a/res/ari/resource_channels.c +++ b/res/ari/resource_channels.c @@ -648,8 +648,16 @@ void ast_ari_get_channel_var(struct ast_variable *headers, struct ast_get_channe ast_assert(response != NULL); + if (ast_strlen_zero(args->variable)) { + ast_ari_response_error( + response, 400, "Bad Request", + "Variable name is required"); + return; + } + control = find_control(response, args->channel_id); if (control == NULL) { + /* response filled in by find_control */ return; } @@ -669,11 +677,6 @@ void ast_ari_set_channel_var(struct ast_variable *headers, struct ast_set_channe ast_assert(response != NULL); - control = find_control(response, args->channel_id); - if (control == NULL) { - return; - } - if (ast_strlen_zero(args->variable)) { ast_ari_response_error( response, 400, "Bad Request", @@ -681,6 +684,12 @@ void ast_ari_set_channel_var(struct ast_variable *headers, struct ast_set_channe return; } + control = find_control(response, args->channel_id); + if (control == NULL) { + /* response filled in by find_control */ + return; + } + if (stasis_app_control_set_channel_var(control, args->variable, args->value)) { ast_ari_response_error( response, 400, "Bad Request", |