app_followme.c: Grab reference on nativeformats before using it

Fixes a crash caused by not holding a proper reference on the nativeformats
object before passing it into ast_request().  Also found potentially
similar bugs in app_chanisavail.c, bridge.c, and bridge_basic.c.

Fixes: #388
(cherry picked from commit eeae61b2f8)
Matthew Fredrickson
2023-10-25 21:14:48 -05:00
committed by Asterisk Development Team
parent 1701775d07
commit d8434ca398
4 changed files with 49 additions and 10 deletions


@@ -117,6 +117,7 @@ static int chanavail_exec(struct ast_channel *chan, const char *data)
struct ast_str *tmp_availcause = ast_str_alloca(2048);
struct ast_channel *tempchan;
struct ast_custom_function *cdr_prop_func = ast_custom_function_find("CDR_PROP");
struct ast_format_cap *caps = NULL;
AST_DECLARE_APP_ARGS(args,
AST_APP_ARG(reqchans);
AST_APP_ARG(options);
@@ -126,6 +127,10 @@ static int chanavail_exec(struct ast_channel *chan, const char *data)
AST_STANDARD_APP_ARGS(args, info);
ao2_lock(chan);
caps = ao2_bump(ast_channel_nativeformats(chan));
ao2_unlock(chan);
if (args.options) {
if (strchr(args.options, 'a')) {
option_all_avail = 1;
@@ -174,10 +179,11 @@ static int chanavail_exec(struct ast_channel *chan, const char *data)
snprintf(trychan, sizeof(trychan), "%s/%s", tech, number);
status = inuse = ast_device_state(trychan);
}
ast_str_append(&tmp_availstat, 0, "%s%d",
ast_str_strlen(tmp_availstat) ? "&" : "", status);
ast_str_append(&tmp_availstat, 0, "%s%d", ast_str_strlen(tmp_availstat) ? "&" : "", status);
if ((inuse <= (int) AST_DEVICE_NOT_INUSE)
&& (tempchan = ast_request(tech, ast_channel_nativeformats(chan), NULL, chan, number, &status))) {
&& (tempchan = ast_request(tech, caps, NULL, chan, number, &status))) {
ast_str_append(&tmp_availchan, 0, "%s%s",
ast_str_strlen(tmp_availchan) ? "&" : "", ast_channel_name(tempchan));
@@ -199,8 +205,11 @@ static int chanavail_exec(struct ast_channel *chan, const char *data)
break;
}
}
}
ao2_cleanup(caps);
pbx_builtin_setvar_helper(chan, "AVAILCHAN", ast_str_buffer(tmp_availchan));
/* Store the originally used channel too */
pbx_builtin_setvar_helper(chan, "AVAILORIGCHAN", ast_str_buffer(tmp_availorig));
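Review bot: The reference taken by `caps = ao2_bump(ast_channel_nativeformats(chan));` is released only by the single `ao2_cleanup(caps);` after the loop, so any `return` between those two points would leak it. Most of the loop body in chanavail_exec lies outside the visible hunks, so this needs checking against the full function; if such an exit exists, add `ao2_cleanup(caps);` before it. The snapshot is also taken with `ao2_lock(chan)`/`ao2_unlock(chan)`, while the other file section in this commit uses `ast_channel_lock(caller)` for the same purpose; using `ast_channel_lock(chan);` and `ast_channel_unlock(chan);` here would keep the two fixes consistent. The block has no comment; something like `/* Hold our own ref to nativeformats for the ast_request() calls below */` would record why the lock and bump are there.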


@@ -1068,6 +1068,7 @@ static struct ast_channel *findmeexec(struct fm_args *tpargs, struct ast_channel
ast_copy_string(num, nm->number, sizeof(num));
for (number = num; number; number = rest) {
struct ast_channel *outbound;
struct ast_format_cap *caps;
rest = strchr(number, '&');
if (rest) {
@@ -1097,8 +1098,15 @@ static struct ast_channel *findmeexec(struct fm_args *tpargs, struct ast_channel
? "/n" : "/m");
}
outbound = ast_request("Local", ast_channel_nativeformats(caller), NULL, caller,
tmpuser->dialarg, &dg);
/* Capture nativeformats reference in case it gets changed */
ast_channel_lock(caller);
caps = ao2_bump(ast_channel_nativeformats(caller));
ast_channel_unlock(caller);
outbound = ast_request("Local", caps, NULL, caller, tmpuser->dialarg, &dg);
ao2_cleanup(caps);
if (!outbound) {
ast_log(LOG_WARNING, "Unable to allocate a channel for Local/%s cause: %s\n",
tmpuser->dialarg, ast_cause2str(dg));
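Review bot: The comment `/* Capture nativeformats reference in case it gets changed */` does not say what the lock and bump protect against, which makes the pattern easy to simplify away later. Going by the commit description, the crash came from passing an unreferenced nativeformats pointer into `ast_request()`, so I would word it as `/* Take our own ref under the channel lock: nativeformats may be replaced (and the old object released) while ast_request() is still using it */`. The pairing of `ao2_bump()` with `ao2_cleanup(caps);` directly after the call looks balanced on the visible lines. findmeexec starts and ends outside these hunks, so other uses of `ast_channel_nativeformats(caller)` in the function were not checked.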