Fix XML encoding of 'identity display' in NOTIFY messages.

XML encoding in chan_sip is accomplished by naively building the XML directly from strings. While this usually works, it fails to take into account escaping the reserved characters in XML. This patch adds an 'ast_xml_escape' function, which works similarly to 'ast_uri_encode'. This is used to properly escape the local_display attribute in XML formatted NOTIFY messages. Several things to note: * The Right Thing(TM) to do would probably be to replace the ast_build_string stuff with building an ast_xml_doc. That's a much bigger change, and out of scope for the original ticket, so I refrained myself. * It is with great sadness that I wrote my own ast_xml_escape function. There's one in libxml2, but it's knee-deep in libxml2-ness, and not easily used to one-off escape a string. * I only escaped the string we know is causing problems (local_display). At least some of the other strings are URI-encoded, which should be XML safe. Rather than figuring out what's safe and escaping what's not, it would be much cleaner to simply build an ast_xml_doc for the messages and let the XML library do the XML escaping. Like I said, that's out of scope. (closes issue ABE-2902) Reported by: Guenther Kelleter Tested by: Guenther Kelleter Review: http://reviewboard.digium.internal/r/365/ ........ Merged revision 378919 from https://origsvn.digium.com/svn/asterisk/be/branches/C.3-bier ........ Merged revisions 378933 from http://svn.asterisk.org/svn/asterisk/branches/1.8 ........ Merged revisions 378934 from http://svn.asterisk.org/svn/asterisk/branches/11 git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@378935 65c4cc65-6c06-0410-ace0-fbb531ad65f3
2025-10-22 12:52:33 +00:00 · 2013-01-12 06:43:37 +00:00
parent c5ec471766
commit aecd2429bd
4 changed files with 202 additions and 3 deletions
--- a/channels/chan_sip.c
+++ b/channels/chan_sip.c
@@ -14543,7 +14543,8 @@ static void state_notify_build_xml(struct state_notify_data *data, int full, con
 		ast_str_append(tmp, 0, "<?xml version=\"1.0\"?>\n");
 		ast_str_append(tmp, 0, "<dialog-info xmlns=\"urn:ietf:params:xml:ns:dialog-info\" version=\"%u\" state=\"%s\" entity=\"%s\">\n", p->dialogver, full ? "full" : "partial", mto);
 		if (data->state > 0 && (data->state & AST_EXTENSION_RINGING) && sip_cfg.notifyringing) {
-			const char *local_display = exten;
+			/* Twice the extension length should be enough for XML encoding */
+			char local_display[AST_MAX_EXTENSION * 2];
 			char *local_target = ast_strdupa(mto);
 			const char *remote_display = exten;
 			/* It may seem odd to base the remote_target on the To header here,
@@ -14556,6 +14557,8 @@ static void state_notify_build_xml(struct state_notify_data *data, int full, con
 			 */
 			char *remote_target = ast_strdupa(mto);

+			ast_xml_escape(exten, local_display, sizeof(local_display));
+
 			/* There are some limitations to how this works.  The primary one is that the
 			   callee must be dialing the same extension that is being monitored.  Simply dialing
 			   the hint'd device is not sufficient. */
@@ -14575,8 +14578,9 @@ static void state_notify_build_xml(struct state_notify_data *data, int full, con
 					local_target = ast_alloca(need);
 					snprintf(local_target, need, "sip:%s@%s", cid_num, p->fromdomain);

-					local_display = ast_strdupa(S_COR(ast_channel_caller(callee)->id.name.valid,
-						ast_channel_caller(callee)->id.name.str, ""));
+					ast_xml_escape(S_COR(ast_channel_caller(callee)->id.name.valid,
+							     ast_channel_caller(callee)->id.name.str, ""),
+						       local_display, sizeof(local_display));

 					connected_num = S_COR(ast_channel_connected(callee)->id.number.valid,
 						ast_channel_connected(callee)->id.number.str, "");