diff options
| author | David M. Lee <dlee@digium.com> | 2013-08-21 16:23:59 +0000 |
|---|---|---|
| committer | David M. Lee <dlee@digium.com> | 2013-08-21 16:23:59 +0000 |
| commit | 5762c1b4ac5c1519463b31ab7078fcd9cb55a393 (patch) | |
| tree | e4b1dd24f8908070538a5eeec1bbc8379a0ed934 /res | |
| parent | a6da087716478b4a54defb17d56a9574548a8d2a (diff) | |
ARI: Correct segfault with /variable calls are missing ?variable parameter.
Both /asterisk/variable and /channel/{channelId}/variable requires a
?variable parameter to be passed into the query. But we weren't checking
for the parameter being missing, which caused a segfault.
All calls now properly return 400 Bad Request errors when the parameter
is missing. The Swagger api-docs were updated accordingly.
(closes issue ASTERISK-22273)
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@397306 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Diffstat (limited to 'res')
| -rw-r--r-- | res/ari/resource_asterisk.c | 10 | ||||
| -rw-r--r-- | res/ari/resource_channels.c | 19 | ||||
| -rw-r--r-- | res/res_ari_asterisk.c | 2 | ||||
| -rw-r--r-- | res/res_ari_channels.c | 2 |
4 files changed, 27 insertions, 6 deletions
diff --git a/res/ari/resource_asterisk.c b/res/ari/resource_asterisk.c index 6f2eb8027..268c07132 100644 --- a/res/ari/resource_asterisk.c +++ b/res/ari/resource_asterisk.c @@ -143,12 +143,20 @@ void ast_ari_get_asterisk_info(struct ast_variable *headers, void ast_ari_get_global_var(struct ast_variable *headers, struct ast_get_global_var_args *args, struct ast_ari_response *response) { RAII_VAR(struct ast_json *, json, NULL, ast_json_unref); - RAII_VAR(struct ast_str *, tmp, ast_str_create(32), ast_free); + RAII_VAR(struct ast_str *, tmp, NULL, ast_free); const char *value; ast_assert(response != NULL); + if (ast_strlen_zero(args->variable)) { + ast_ari_response_error( + response, 400, "Bad Request", + "Variable name is required"); + return; + } + + tmp = ast_str_create(32); if (!tmp) { ast_ari_response_alloc_failed(response); return; diff --git a/res/ari/resource_channels.c b/res/ari/resource_channels.c index dd323bac5..29ceb778f 100644 --- a/res/ari/resource_channels.c +++ b/res/ari/resource_channels.c @@ -648,8 +648,16 @@ void ast_ari_get_channel_var(struct ast_variable *headers, struct ast_get_channe ast_assert(response != NULL); + if (ast_strlen_zero(args->variable)) { + ast_ari_response_error( + response, 400, "Bad Request", + "Variable name is required"); + return; + } + control = find_control(response, args->channel_id); if (control == NULL) { + /* response filled in by find_control */ return; } @@ -669,11 +677,6 @@ void ast_ari_set_channel_var(struct ast_variable *headers, struct ast_set_channe ast_assert(response != NULL); - control = find_control(response, args->channel_id); - if (control == NULL) { - return; - } - if (ast_strlen_zero(args->variable)) { ast_ari_response_error( response, 400, "Bad Request", @@ -681,6 +684,12 @@ void ast_ari_set_channel_var(struct ast_variable *headers, struct ast_set_channe return; } + control = find_control(response, args->channel_id); + if (control == NULL) { + /* response filled in by find_control */ + return; + } + if (stasis_app_control_set_channel_var(control, args->variable, args->value)) { ast_ari_response_error( response, 400, "Bad Request", diff --git a/res/res_ari_asterisk.c b/res/res_ari_asterisk.c index dce634e8a..3f34c7ab6 100644 --- a/res/res_ari_asterisk.c +++ b/res/res_ari_asterisk.c @@ -175,6 +175,7 @@ static void ast_ari_get_global_var_cb( break; case 500: /* Internal Server Error */ case 501: /* Not Implemented */ + case 400: /* Missing variable parameter. */ is_valid = 1; break; default: @@ -234,6 +235,7 @@ static void ast_ari_set_global_var_cb( break; case 500: /* Internal Server Error */ case 501: /* Not Implemented */ + case 400: /* Missing variable parameter. */ is_valid = 1; break; default: diff --git a/res/res_ari_channels.c b/res/res_ari_channels.c index 8a6687bc2..063e766f1 100644 --- a/res/res_ari_channels.c +++ b/res/res_ari_channels.c @@ -1055,6 +1055,7 @@ static void ast_ari_get_channel_var_cb( break; case 500: /* Internal Server Error */ case 501: /* Not Implemented */ + case 400: /* Missing variable parameter. */ case 404: /* Channel not found */ case 409: /* Channel not in a Stasis application */ is_valid = 1; @@ -1122,6 +1123,7 @@ static void ast_ari_set_channel_var_cb( break; case 500: /* Internal Server Error */ case 501: /* Not Implemented */ + case 400: /* Missing variable parameter. */ case 404: /* Channel not found */ case 409: /* Channel not in a Stasis application */ is_valid = 1; |