Merged revisions 150817 via svnmerge from

https://origsvn.digium.com/svn/asterisk/trunk ........ r150817 | bweschke | 2008-10-17 22:18:33 -0400 (Fri, 17 Oct 2008) | 8 lines Using the GetVar handler in AMI is potentially dangerous (insta-crash [tm]) when you use a dialplan function that requires a channel and then you don't provide one or provide an invalid one in the Channel: parameter. We'll handle this situation exactly the same way it was handled in pbx.c back on r61766. We'll create a bogus channel for the function call and destroy it when we're done. If we have trouble allocating the bogus channel then we're not going to try executing the function call at all and run the risk of crashing. (closes issue #13715) reported by: makoto patch by: bweschke ........ git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.6.1@150829 65c4cc65-6c06-0410-ace0-fbb531ad65f3
17 years ago · f4be174ad8
parent 68869cf828
commit f4be174ad8
1 changed files with 9 additions and 2 deletions
--- a/main/manager.c
+++ b/main/manager.c
@ -1804,8 +1804,15 @@ static int action_getvar(struct mansession *s, const struct message *m)
 	}

 	if (varname[strlen(varname) - 1] == ')') {
-
-		ast_func_read(c, (char *) varname, workspace, sizeof(workspace));
+		if (!c) {
+			c = ast_channel_alloc(0, 0, "", "", "", "", "", 0, "Bogus/%p", NULL);
+			if (c) {
+				ast_func_read(c, (char *) varname, workspace, sizeof(workspace));
+				ast_channel_free(c);
+			} else
+				ast_log(LOG_ERROR, "Unable to allocate bogus channel for variable substitution.  Function results may be blank.\n");
+		} else
+			ast_func_read(c, (char *) varname, workspace, sizeof(workspace));
 		varval = workspace;
 	} else {
 		pbx_retrieve_variable(c, varname, &varval, workspace, sizeof(workspace), NULL);