From f4be174ad8e0adeed01cc8551f83511644aa331e Mon Sep 17 00:00:00 2001 From: BJ Weschke Date: Sat, 18 Oct 2008 02:29:37 +0000 Subject: [PATCH] Merged revisions 150817 via svnmerge from https://origsvn.digium.com/svn/asterisk/trunk ........ r150817 | bweschke | 2008-10-17 22:18:33 -0400 (Fri, 17 Oct 2008) | 8 lines Using the GetVar handler in AMI is potentially dangerous (insta-crash [tm]) when you use a dialplan function that requires a channel and then you don't provide one or provide an invalid one in the Channel: parameter. We'll handle this situation exactly the same way it was handled in pbx.c back on r61766. We'll create a bogus channel for the function call and destroy it when we're done. If we have trouble allocating the bogus channel then we're not going to try executing the function call at all and run the risk of crashing. (closes issue #13715) reported by: makoto patch by: bweschke ........ git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.6.1@150829 65c4cc65-6c06-0410-ace0-fbb531ad65f3 --- main/manager.c | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/main/manager.c b/main/manager.c index 1a2c492662..35e8b1657d 100644 --- a/main/manager.c +++ b/main/manager.c @@ -1804,8 +1804,15 @@ static int action_getvar(struct mansession *s, const struct message *m) } if (varname[strlen(varname) - 1] == ')') { - - ast_func_read(c, (char *) varname, workspace, sizeof(workspace)); + if (!c) { + c = ast_channel_alloc(0, 0, "", "", "", "", "", 0, "Bogus/%p", NULL); + if (c) { + ast_func_read(c, (char *) varname, workspace, sizeof(workspace)); + ast_channel_free(c); + } else + ast_log(LOG_ERROR, "Unable to allocate bogus channel for variable substitution. Function results may be blank.\n"); + } else + ast_func_read(c, (char *) varname, workspace, sizeof(workspace)); varval = workspace; } else { pbx_retrieve_variable(c, varname, &varval, workspace, sizeof(workspace), NULL);