----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviewboard.asterisk.org/r/4594/#review15099 -----------------------------------------------------------
I don't see the actual patch on the issue. Did you use post-review to load the diff? - Matt Jordan On April 6, 2015, 2:54 p.m., warren smith wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviewboard.asterisk.org/r/4594/ > ----------------------------------------------------------- > > (Updated April 6, 2015, 2:54 p.m.) > > > Review request for Asterisk Developers. > > > Bugs: asterisk-24934 > https://issues.asterisk.org/jira/browse/asterisk-24934 > > > Repository: Asterisk > > > Description > ------- > > Asterisk manager output is created using printf formatting, like: > > manager_event(SOME_EVENT_FLAG, "EventName", > "KeyOne: %s\r\nKeyTwo: %s\r\n", val1, val2); > > This causes problems when the values themselves contain control characters > like carriage return and newline, so that applications parsing the output > will interpret this as a new key, or the end of an event. An example of this > is having a callerid contain "\r\n\r\n". This ends the event, and the keys > for the same event are interpreted as a new message, and any keys below are > missed for the real event. > > I've included a patch that provides a ast_escape_c() function which takes a > string, then returns a pointer to a new string that has the c characters > escaped (i.e., newline into \n). I've modified the calls to the > manager_event functions (manager_event, ast_manager_event, > ast_manager_event_multichan) so that values that could be set by a user are > escaped. The string values that as far as I know aren't user-created were > left as-is, like channel names and uniqueid. > > There are quite a few calls to the manager event functions and I've double > checked to make sure all memory allocations are freed after creating the > escaped string. I also had added an ast_replace_string function which i > didn't end up using, and added an ast_escape_output function which just calls > ast_escape_c. An alternative would be to replace the sequence "\r\n" with > the escaped version, rather than the individual characters. > > I'm testing on our asterisk 11 install and this fixes the parsing bugs we run > into from messed up callerids and things like agent names containing return + > newline. > > > Diffs > ----- > > > Diff: https://reviewboard.asterisk.org/r/4594/diff/ > > > Testing > ------- > > In our production environment I have been running the patch for about 5 days. > The parsing issues we have had in the past are now resolved. > > > Thanks, > > warren smith > >
-- _____________________________________________________________________ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-dev mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-dev
