-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviewboard.asterisk.org/r/4594/
-----------------------------------------------------------
(Updated April 7, 2015, 6:25 p.m.)
Review request for Asterisk Developers.
Bugs: asterisk-24934
https://issues.asterisk.org/jira/browse/asterisk-24934
Repository: Asterisk
Description
-------
Asterisk manager output is created using printf formatting, like:
manager_event(SOME_EVENT_FLAG, "EventName",
"KeyOne: %s\r\nKeyTwo: %s\r\n", val1, val2);
This causes problems when the values themselves contain control characters like
carriage return and newline, so that applications parsing the output will
interpret this as a new key, or the end of an event. An example of this is
having a callerid contain "\r\n\r\n". This ends the event, and the keys for
the same event are interpreted as a new message, and any keys below are missed
for the real event.
I've included a patch that provides a ast_escape_c() function which takes a
string, then returns a pointer to a new string that has the c characters
escaped (i.e., newline into \n). I've modified the calls to the manager_event
functions (manager_event, ast_manager_event, ast_manager_event_multichan) so
that values that could be set by a user are escaped. The string values that as
far as I know aren't user-created were left as-is, like channel names and
uniqueid.
There are quite a few calls to the manager event functions and I've double
checked to make sure all memory allocations are freed after creating the
escaped string. I also had added an ast_replace_string function which i didn't
end up using, and added an ast_escape_output function which just calls
ast_escape_c. An alternative would be to replace the sequence "\r\n" with the
escaped version, rather than the individual characters.
I'm testing on our asterisk 11 install and this fixes the parsing bugs we run
into from messed up callerids and things like agent names containing return +
newline.
Diffs (updated)
-----
http://svn.asterisk.org/svn/asterisk/branches/11/channels/chan_local.c 433419
http://svn.asterisk.org/svn/asterisk/branches/11/channels/chan_iax2.c 433419
http://svn.asterisk.org/svn/asterisk/branches/11/channels/chan_agent.c 433419
http://svn.asterisk.org/svn/asterisk/branches/11/cel/cel_manager.c 433419
http://svn.asterisk.org/svn/asterisk/branches/11/cdr/cdr_manager.c 433419
http://svn.asterisk.org/svn/asterisk/branches/11/apps/app_voicemail.c 433419
http://svn.asterisk.org/svn/asterisk/branches/11/apps/app_userevent.c 433419
http://svn.asterisk.org/svn/asterisk/branches/11/apps/app_stack.c 433419
http://svn.asterisk.org/svn/asterisk/branches/11/apps/app_queue.c 433419
http://svn.asterisk.org/svn/asterisk/branches/11/apps/app_meetme.c 433419
http://svn.asterisk.org/svn/asterisk/branches/11/apps/app_dial.c 433419
http://svn.asterisk.org/svn/asterisk/branches/11/apps/app_confbridge.c 433419
Diff: https://reviewboard.asterisk.org/r/4594/diff/
Testing
-------
In our production environment I have been running the patch for about 5 days.
The parsing issues we have had in the past are now resolved.
Thanks,
warren smith
--
_____________________________________________________________________
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
asterisk-dev mailing list
To UNSUBSCRIBE or update options visit:
http://lists.digium.com/mailman/listinfo/asterisk-dev
