From f88a632d96bb3ed76976b2f32f5d7b7e8591afa9 Mon Sep 17 00:00:00 2001 From: Jonathan Rose Date: Tue, 17 Apr 2012 21:10:50 +0000 Subject: Make use of va_args more appropriate to form in various res_config modules plus utils. A number of va_copy operations weren't matched with a corresponding va_end in res_config_odbc. Also, there was a potential for va_end to be invoked twice on the same va_arg in utils, which would mean invoking va_end on an undefined variable... which is bad. va_end is removed from various functions in config_pgsql and config_curl since they aren't making their own copy. The invokers of those functions are responsible for calling va_end on them. (issue ASTERISK-19451) Reported by: Walter Doekes Review: https://reviewboard.asterisk.org/r/1848/ ........ Merged revisions 362354 from http://svn.asterisk.org/svn/asterisk/branches/1.8 ........ Merged revisions 362357 from http://svn.asterisk.org/svn/asterisk/branches/10 git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@362363 65c4cc65-6c06-0410-ace0-fbb531ad65f3 --- res/res_config_curl.c | 7 ----- res/res_config_odbc.c | 73 +++++++++++++++++++++++++++++++------------------- res/res_config_pgsql.c | 12 --------- 3 files changed, 46 insertions(+), 46 deletions(-) (limited to 'res') diff --git a/res/res_config_curl.c b/res/res_config_curl.c index bb8d9b39b..43fe888ed 100644 --- a/res/res_config_curl.c +++ b/res/res_config_curl.c @@ -88,7 +88,6 @@ static struct ast_variable *realtime_curl(const char *url, const char *unused, v ast_uri_encode(newval, buf2, sizeof(buf2), ast_uri_http); ast_str_append(&query, 0, "%s%s=%s", i > 0 ? "&" : "", buf1, buf2); } - va_end(ap); ast_str_append(&query, 0, ")}"); ast_str_substitute_variables(&buffer, 0, NULL, ast_str_buffer(query)); @@ -168,7 +167,6 @@ static struct ast_config *realtime_multi_curl(const char *url, const char *unuse ast_uri_encode(newval, buf2, sizeof(buf2), ast_uri_http); ast_str_append(&query, 0, "%s%s=%s", i > 0 ? "&" : "", buf1, buf2); } - va_end(ap); ast_str_append(&query, 0, ")}"); @@ -258,7 +256,6 @@ static int update_curl(const char *url, const char *unused, const char *keyfield ast_uri_encode(newval, buf2, sizeof(buf2), ast_uri_http); ast_str_append(&query, 0, "%s%s=%s", i > 0 ? "&" : "", buf1, buf2); } - va_end(ap); ast_str_append(&query, 0, ")}"); ast_str_substitute_variables(&buffer, 0, NULL, ast_str_buffer(query)); @@ -317,7 +314,6 @@ static int update2_curl(const char *url, const char *unused, va_list ap) ast_str_append(&query, 0, "%s%s=%s", first ? "" : "&", buf1, buf2); first = 0; } - va_end(ap); ast_str_append(&query, 0, ")}"); /* Proxies work, by setting CURLOPT options in the [globals] section of @@ -382,7 +378,6 @@ static int store_curl(const char *url, const char *unused, va_list ap) ast_uri_encode(newval, buf2, sizeof(buf2), ast_uri_http); ast_str_append(&query, 0, "%s%s=%s", i > 0 ? "&" : "", buf1, buf2); } - va_end(ap); ast_str_append(&query, 0, ")}"); ast_str_substitute_variables(&buffer, 0, NULL, ast_str_buffer(query)); @@ -446,7 +441,6 @@ static int destroy_curl(const char *url, const char *unused, const char *keyfiel ast_uri_encode(newval, buf2, sizeof(buf2), ast_uri_http); ast_str_append(&query, 0, "%s%s=%s", i > 0 ? "&" : "", buf1, buf2); } - va_end(ap); ast_str_append(&query, 0, ")}"); ast_str_substitute_variables(&buffer, 0, NULL, ast_str_buffer(query)); @@ -507,7 +501,6 @@ static int require_curl(const char *url, const char *unused, va_list ap) type == RQ_FLOAT ? "float" : "unknown", size); } - va_end(ap); ast_str_append(&query, 0, ")}"); ast_str_substitute_variables(&buffer, 0, NULL, ast_str_buffer(query)); diff --git a/res/res_config_odbc.c b/res/res_config_odbc.c index 7bd0889c4..30dfc5cdf 100644 --- a/res/res_config_odbc.c +++ b/res/res_config_odbc.c @@ -78,8 +78,6 @@ static SQLHSTMT custom_prepare(struct odbc_obj *obj, void *data) SQLHSTMT stmt; va_list ap; - va_copy(ap, cps->ap); - res = SQLAllocHandle(SQL_HANDLE_STMT, obj->con, &stmt); if ((res != SQL_SUCCESS) && (res != SQL_SUCCESS_WITH_INFO)) { ast_log(LOG_WARNING, "SQL Alloc Handle failed!\n"); @@ -95,6 +93,7 @@ static SQLHSTMT custom_prepare(struct odbc_obj *obj, void *data) return NULL; } + va_copy(ap, cps->ap); while ((newparam = va_arg(ap, const char *))) { newval = va_arg(ap, const char *); if ((1LL << count++) & cps->skip) { @@ -172,8 +171,6 @@ static struct ast_variable *realtime_odbc(const char *database, const char *tabl if (ast_string_field_init(&cps, 256)) { return NULL; } - va_copy(cps.ap, ap); - va_copy(aq, ap); if (!table) { ast_string_field_free_memory(&cps); @@ -188,8 +185,10 @@ static struct ast_variable *realtime_odbc(const char *database, const char *tabl return NULL; } + va_copy(aq, ap); newparam = va_arg(aq, const char *); if (!newparam) { + va_end(aq); ast_odbc_release_obj(obj); ast_string_field_free_memory(&cps); return NULL; @@ -206,7 +205,9 @@ static struct ast_variable *realtime_odbc(const char *database, const char *tabl } va_end(aq); + va_copy(cps.ap, ap); stmt = ast_odbc_prepare_and_execute(obj, custom_prepare, &cps); + va_end(cps.ap); if (!stmt) { ast_odbc_release_obj(obj); @@ -340,8 +341,6 @@ static struct ast_config *realtime_multi_odbc(const char *database, const char * if (!table || ast_string_field_init(&cps, 256)) { return NULL; } - va_copy(cps.ap, ap); - va_copy(aq, ap); obj = ast_odbc_request_obj2(database, connected_flag); @@ -350,15 +349,20 @@ static struct ast_config *realtime_multi_odbc(const char *database, const char * return NULL; } + va_copy(aq, ap); newparam = va_arg(aq, const char *); if (!newparam) { + va_end(aq); ast_odbc_release_obj(obj); ast_string_field_free_memory(&cps); return NULL; } + initfield = ast_strdupa(newparam); - if ((op = strchr(initfield, ' '))) + if ((op = strchr(initfield, ' '))) { *op = '\0'; + } + va_arg(aq, const char *); op = !strchr(newparam, ' ') ? " =" : ""; snprintf(sql, sizeof(sql), "SELECT * FROM %s WHERE %s%s ?%s", table, newparam, op, @@ -369,11 +373,15 @@ static struct ast_config *realtime_multi_odbc(const char *database, const char * strcasestr(newparam, "LIKE") && !ast_odbc_backslash_is_escape(obj) ? " ESCAPE '\\'" : ""); va_arg(aq, const char *); } - if (initfield) - snprintf(sql + strlen(sql), sizeof(sql) - strlen(sql), " ORDER BY %s", initfield); va_end(aq); + if (initfield) { + snprintf(sql + strlen(sql), sizeof(sql) - strlen(sql), " ORDER BY %s", initfield); + } + + va_copy(cps.ap, ap); stmt = ast_odbc_prepare_and_execute(obj, custom_prepare, &cps); + va_end(cps.ap); if (!stmt) { ast_odbc_release_obj(obj); @@ -490,9 +498,6 @@ static int update_odbc(const char *database, const char *table, const char *keyf return -1; } - va_copy(cps.ap, ap); - va_copy(aq, ap); - if (ast_string_field_init(&cps, 256)) { return -1; } @@ -504,8 +509,10 @@ static int update_odbc(const char *database, const char *table, const char *keyf return -1; } + va_copy(aq, ap); newparam = va_arg(aq, const char *); if (!newparam) { + va_end(aq); ast_odbc_release_obj(obj); ast_odbc_release_table(tableptr); ast_string_field_free_memory(&cps); @@ -540,7 +547,9 @@ static int update_odbc(const char *database, const char *table, const char *keyf snprintf(sql + strlen(sql), sizeof(sql) - strlen(sql), " WHERE %s=?", keyfield); ast_odbc_release_table(tableptr); + va_copy(cps.ap, ap); stmt = ast_odbc_prepare_and_execute(obj, custom_prepare, &cps); + va_end(cps.ap); if (!stmt) { ast_odbc_release_obj(obj); @@ -622,14 +631,16 @@ static SQLHSTMT update2_prepare(struct odbc_obj *obj, void *data) } va_end(ap); - /* Restart search, because we need to add the search parameters */ - va_copy(ap, ups->ap); ast_str_append(&sql, 0, "WHERE"); first = 1; + /* Restart search, because we need to add the search parameters */ + va_copy(ap, ups->ap); + while ((newparam = va_arg(ap, const char *))) { newval = va_arg(ap, const char *); if (!(column = ast_odbc_find_column(tableptr, newparam))) { + va_end(ap); ast_log(LOG_ERROR, "One or more of the criteria columns '%s' on '%s@%s' for this update does not exist!\n", newparam, ups->table, ups->database); ast_odbc_release_table(tableptr); SQLFreeHandle(SQL_HANDLE_STMT, stmt); @@ -677,16 +688,17 @@ static int update2_odbc(const char *database, const char *table, va_list ap) int res; SQLLEN rowcount = 0; - va_copy(ups.ap, ap); - if (!(obj = ast_odbc_request_obj(database, 0))) { return -1; } + va_copy(ups.ap, ap); if (!(stmt = ast_odbc_prepare_and_execute(obj, update2_prepare, &ups))) { + va_end(ups.ap); ast_odbc_release_obj(obj); return -1; } + va_end(ups.ap); res = SQLRowCount(stmt, &rowcount); SQLFreeHandle(SQL_HANDLE_STMT, stmt); @@ -733,18 +745,20 @@ static int store_odbc(const char *database, const char *table, va_list ap) struct custom_prepare_struct cps = { .sql = sql, .extra = NULL }; struct ast_flags connected_flag = { RES_ODBC_CONNECTED }; - va_copy(cps.ap, ap); - va_copy(aq, ap); - - if (!table) + if (!table) { return -1; + } obj = ast_odbc_request_obj2(database, connected_flag); - if (!obj) + if (!obj) { return -1; + } + + va_copy(aq, ap); newparam = va_arg(aq, const char *); if (!newparam) { + va_end(aq); ast_odbc_release_obj(obj); return -1; } @@ -759,7 +773,10 @@ static int store_odbc(const char *database, const char *table, va_list ap) va_end(aq); snprintf(sql, sizeof(sql), "INSERT INTO %s (%s) VALUES (%s)", table, keys, vals); + + va_copy(cps.ap, ap); stmt = ast_odbc_prepare_and_execute(obj, custom_prepare, &cps); + va_end(cps.ap); if (!stmt) { ast_odbc_release_obj(obj); @@ -808,17 +825,18 @@ static int destroy_odbc(const char *database, const char *table, const char *key struct custom_prepare_struct cps = { .sql = sql, .extra = lookup }; struct ast_flags connected_flag = { RES_ODBC_CONNECTED }; - va_copy(cps.ap, ap); - va_copy(aq, ap); - - if (!table) + if (!table) { return -1; + } obj = ast_odbc_request_obj2(database, connected_flag); - if (!obj) + if (!obj) { return -1; + } snprintf(sql, sizeof(sql), "DELETE FROM %s WHERE ", table); + + va_copy(aq, ap); while((newparam = va_arg(aq, const char *))) { snprintf(sql + strlen(sql), sizeof(sql) - strlen(sql), "%s=? AND ", newparam); va_arg(aq, const char *); @@ -826,7 +844,9 @@ static int destroy_odbc(const char *database, const char *table, const char *key va_end(aq); snprintf(sql + strlen(sql), sizeof(sql) - strlen(sql), "%s=?", keyfield); + va_copy(cps.ap, ap); stmt = ast_odbc_prepare_and_execute(obj, custom_prepare, &cps); + va_end(cps.ap); if (!stmt) { ast_odbc_release_obj(obj); @@ -1124,7 +1144,6 @@ static int require_odbc(const char *database, const char *table, va_list ap) ast_log(LOG_WARNING, "Realtime table %s@%s requires column '%s', but that column does not exist!\n", table, database, elm); } } - va_end(ap); AST_RWLIST_UNLOCK(&tableptr->columns); return 0; } diff --git a/res/res_config_pgsql.c b/res/res_config_pgsql.c index 8eae03f5a..02c76fcfe 100644 --- a/res/res_config_pgsql.c +++ b/res/res_config_pgsql.c @@ -461,7 +461,6 @@ static struct ast_variable *realtime_pgsql(const char *database, const char *tab ESCAPE_STRING(escapebuf, newval); if (pgresult) { ast_log(LOG_ERROR, "PostgreSQL RealTime: detected invalid input: '%s'\n", newval); - va_end(ap); return NULL; } @@ -476,13 +475,11 @@ static struct ast_variable *realtime_pgsql(const char *database, const char *tab ESCAPE_STRING(escapebuf, newval); if (pgresult) { ast_log(LOG_ERROR, "PostgreSQL RealTime: detected invalid input: '%s'\n", newval); - va_end(ap); return NULL; } ast_str_append(&sql, 0, " AND %s%s '%s'", newparam, op, ast_str_buffer(escapebuf)); } - va_end(ap); /* We now have our complete statement; Lets connect to the server and execute it. */ ast_mutex_lock(&pgsql_lock); @@ -598,7 +595,6 @@ static struct ast_config *realtime_multi_pgsql(const char *database, const char ESCAPE_STRING(escapebuf, newval); if (pgresult) { ast_log(LOG_ERROR, "PostgreSQL RealTime: detected invalid input: '%s'\n", newval); - va_end(ap); ast_config_destroy(cfg); return NULL; } @@ -614,7 +610,6 @@ static struct ast_config *realtime_multi_pgsql(const char *database, const char ESCAPE_STRING(escapebuf, newval); if (pgresult) { ast_log(LOG_ERROR, "PostgreSQL RealTime: detected invalid input: '%s'\n", newval); - va_end(ap); ast_config_destroy(cfg); return NULL; } @@ -626,7 +621,6 @@ static struct ast_config *realtime_multi_pgsql(const char *database, const char ast_str_append(&sql, 0, " ORDER BY %s", initfield); } - va_end(ap); /* We now have our complete statement; Lets connect to the server and execute it. */ ast_mutex_lock(&pgsql_lock); @@ -761,7 +755,6 @@ static int update_pgsql(const char *database, const char *tablename, const char ESCAPE_STRING(escapebuf, newval); if (pgresult) { ast_log(LOG_ERROR, "PostgreSQL RealTime: detected invalid input: '%s'\n", newval); - va_end(ap); release_table(table); return -1; } @@ -778,20 +771,17 @@ static int update_pgsql(const char *database, const char *tablename, const char ESCAPE_STRING(escapebuf, newval); if (pgresult) { ast_log(LOG_ERROR, "PostgreSQL RealTime: detected invalid input: '%s'\n", newval); - va_end(ap); release_table(table); return -1; } ast_str_append(&sql, 0, ", %s = '%s'", newparam, ast_str_buffer(escapebuf)); } - va_end(ap); release_table(table); ESCAPE_STRING(escapebuf, lookup); if (pgresult) { ast_log(LOG_ERROR, "PostgreSQL RealTime: detected invalid input: '%s'\n", lookup); - va_end(ap); return -1; } @@ -1007,7 +997,6 @@ static int store_pgsql(const char *database, const char *table, va_list ap) ESCAPE_STRING(buf, newval); ast_str_append(&sql2, 0, ", '%s'", ast_str_buffer(buf)); } - va_end(ap); ast_str_append(&sql1, 0, "%s)", ast_str_buffer(sql2)); ast_debug(1, "PostgreSQL RealTime: Insert SQL: %s\n", ast_str_buffer(sql1)); @@ -1089,7 +1078,6 @@ static int destroy_pgsql(const char *database, const char *table, const char *ke ESCAPE_STRING(buf2, newval); ast_str_append(&sql, 0, " AND %s = '%s'", ast_str_buffer(buf1), ast_str_buffer(buf2)); } - va_end(ap); ast_debug(1, "PostgreSQL RealTime: Delete SQL: %s\n", ast_str_buffer(sql)); -- cgit v1.2.3