Asterisk
/
asterisk
mirror of https://github.com/asterisk/asterisk
1
0
Fork 0
Code Issues Releases Wiki Activity

Coding guidelines stuff only.

Browse Source 
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@123009 65c4cc65-6c06-0410-ace0-fbb531ad65f3
1.6.1
Sean Bright 18 years ago
parent 63bb6565d0
commit 8b1ed7aa5b
1 changed files with 14 additions and 24 deletions
Show Stats Download Patch File Download Diff File

34
cdr/cdr_tds.c
Unescape View File

@ -239,30 +239,26 @@ static char *anti_injection(const char *str, int len)
char *known_bad[] = {"select", "insert", "update", "delete", "drop", ";", "--", "\0"}; char *known_bad[] = {"select", "insert", "update", "delete", "drop", ";", "--", "\0"};
int idx; int idx;
if ((buf = ast_malloc(len + 1)) == NULL) if (!(buf = ast_calloc(1, len + 1))) {
{
ast_log(LOG_ERROR, "cdr_tds: Out of memory error\n"); ast_log(LOG_ERROR, "cdr_tds: Out of memory error\n");
return NULL; return NULL;
} }
memset(buf, 0, len);
buf_ptr = buf; buf_ptr = buf;
/* Escape single quotes */ /* Escape single quotes */
for (; *str && strlen(buf) < len; str++) for (; *str && strlen(buf) < len; str++) {
{ if (*str == '\'') {
if (*str == '\'')
*buf_ptr++ = '\''; *buf_ptr++ = '\'';
}
*buf_ptr++ = *str; *buf_ptr++ = *str;
} }
*buf_ptr = '\0'; *buf_ptr = '\0';
/* Erase known bad input */ /* Erase known bad input */
for (idx=0; *known_bad[idx]; idx++) for (idx = 0; *known_bad[idx]; idx++) {
{ while ((srh_ptr = strcasestr(buf, known_bad[idx]))) {
while((srh_ptr = strcasestr(buf, known_bad[idx]))) memmove(srh_ptr, srh_ptr + strlen(known_bad[idx]), strlen(srh_ptr + strlen(known_bad[idx])) + 1);
{
memmove(srh_ptr, srh_ptr+strlen(known_bad[idx]), strlen(srh_ptr+strlen(known_bad[idx]))+1);
} }
} }
@ -275,14 +271,11 @@ static void get_date(char *dateField, struct timeval tv)
char buf[80]; char buf[80];
/* To make sure we have date variable if not insert null to SQL */ /* To make sure we have date variable if not insert null to SQL */
if (!ast_tvzero(tv)) if (!ast_tvzero(tv)) {
{
ast_localtime(&tv, &tm, NULL); ast_localtime(&tv, &tm, NULL);
ast_strftime(buf, 80, DATE_FORMAT, &tm); ast_strftime(buf, 80, DATE_FORMAT, &tm);
sprintf(dateField, "'%s'", buf); sprintf(dateField, "'%s'", buf);
} } else {
else
{
strcpy(dateField, "null"); strcpy(dateField, "null");
} }
} }
@ -319,8 +312,7 @@ static int mssql_connect(void)
char query[128]; char query[128];
/* Connect to M$SQL Server */ /* Connect to M$SQL Server */
if (!(login = tds_alloc_login())) if (!(login = tds_alloc_login())) {
{
ast_log(LOG_ERROR, "tds_alloc_login() failed.\n"); ast_log(LOG_ERROR, "tds_alloc_login() failed.\n");
return -1; return -1;
} }
@ -354,14 +346,12 @@ static int mssql_connect(void)
tds_set_parent(tds, NULL); tds_set_parent(tds, NULL);
connection = tds_read_config_info(tds, login, context->locale); connection = tds_read_config_info(tds, login, context->locale);
if (!connection) if (!connection) {
{
ast_log(LOG_ERROR, "tds_read_config() failed.\n"); ast_log(LOG_ERROR, "tds_read_config() failed.\n");
goto connect_fail; goto connect_fail;
} }
if (tds_connect(tds, connection) == TDS_FAIL) if (tds_connect(tds, connection) == TDS_FAIL) {
{
ast_log(LOG_ERROR, "Failed to connect to MSSQL server.\n"); ast_log(LOG_ERROR, "Failed to connect to MSSQL server.\n");
tds = NULL; /* freed by tds_connect() on error */ tds = NULL; /* freed by tds_connect() on error */
#if (defined(FREETDS_0_63) || defined(FREETDS_0_64)) #if (defined(FREETDS_0_63) || defined(FREETDS_0_64))

Write Preview
Loading…
Cancel
Save