From 4e20c42a132c86d3f86486e26b3ec991920513f9 Mon Sep 17 00:00:00 2001 From: Steve Murphy Date: Tue, 23 Oct 2007 21:25:37 +0000 Subject: Merged revisions 86902 via svnmerge from https://origsvn.digium.com/svn/asterisk/branches/1.4 ........ r86902 | murf | 2007-10-23 15:18:08 -0600 (Tue, 23 Oct 2007) | 1 line closes issue #11052 -- where nothing after the ? will allow un-initialized variable values to corrupt and crash asterisk on 64-bit platforms ........ git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@86903 65c4cc65-6c06-0410-ace0-fbb531ad65f3 --- funcs/func_logic.c | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) (limited to 'funcs') diff --git a/funcs/func_logic.c b/funcs/func_logic.c index 4ab9ed463..aff358c24 100644 --- a/funcs/func_logic.c +++ b/funcs/func_logic.c @@ -101,12 +101,19 @@ static int acf_if(struct ast_channel *chan, const char *cmd, char *data, char *b AST_APP_ARG(iftrue); AST_APP_ARG(iffalse); ); - + args2.iftrue = args2.iffalse = NULL; /* you have to set these, because if there is nothing after the '?', + then args1.remainder will be NULL, not a pointer to a null string, and + then any garbage in args2.iffalse will not be cleared, and you'll crash. + -- and if you mod the ast_app_separate_args func instead, you'll really + mess things up badly, because the rest of everything depends on null args + for non-specified stuff. */ + AST_NONSTANDARD_APP_ARGS(args1, data, '?'); AST_NONSTANDARD_APP_ARGS(args2, args1.remainder, ':'); if (ast_strlen_zero(args1.expr) || !(args2.iftrue || args2.iffalse)) { - ast_log(LOG_WARNING, "Syntax IF(?[][:])\n"); + ast_log(LOG_WARNING, "Syntax IF(?[][:]) (expr must be non-null, and either or must be non-null)\n"); + ast_log(LOG_WARNING, " In this case, ='%s', ='%s', and ='%s'\n", args1.expr, args2.iftrue, args2.iffalse); return -1; } -- cgit v1.2.3