Commits

Anonymous committed 136a43b Draft

AST-2011-001
- ast_uri_validhex - include for the moment to use the original patch.

Comments (0)

Files changed (4)

 asterisk (1:1.4.21.2~dfsg-3+lenny2) stable-proposed-updates; urgency=low
 
+  [ Faidon Liambotis ]
   * Fix broken IAX2 sequence number generation, an upstream regression of
     AST-2008-010's fix, included in the previous release of ours.
   * Backport a patch that fixes severe problems when using IAX2 encryption.
   * Use a disabled [directories] in asterisk.conf rather than an invalid
     [globals] (Closes: #532313).
 
- -- Faidon Liambotis <paravoid@debian.org>  Wed, 16 Dec 2009 04:04:56 +0200
+  [ Tzafrir Cohen ]
+  * AST-2011-001
+    - ast_uri_validhex - include for the moment to use the original patch.
+  * My new @debian.org address.
+
+ -- Tzafrir Cohen <tzafrir@debian.org>  Tue, 18 Jan 2011 16:56:06 +0200
 
 asterisk (1:1.4.21.2~dfsg-3+lenny1) stable-security; urgency=high
 

debian/patches/AST-2011-001

+From: Leif Madsen <lmadsen@digium.com>
+Date: Mon, 17 Jan 2011 18:57:55 +0000
+Subject: [PATCH] AST-2011-001
+Origin: http://svnview.digium.com/svn/asterisk?view=rev&rev=302145
+---
+ main/utils.c                 |   27 ++--
+
+diff --git a/main/utils.c b/main/utils.c
+index a9b8872..5fbf755 100644
+--- a/main/utils.c
++++ b/main/utils.c
+@@ -387,28 +387,27 @@ char *ast_uri_encode(const char *string, char *outbuf, int buflen, int doreserve
+ 	char *reserved = ";/?:@&=+$,# ";	/* Reserved chars */
+ 
+  	const char *ptr  = string;	/* Start with the string */
+-	char *out = NULL;
+-	char *buf = NULL;
++	char *out = outbuf;
+ 
+-	ast_copy_string(outbuf, string, buflen);
+-
+-	/* If there's no characters to convert, just go through and don't do anything */
+-	while (*ptr) {
++	/* If there's no characters to convert, just go through and copy the string */
++	while (*ptr && out - outbuf < buflen - 1) {
+ 		if ((*ptr < 32) || (doreserved && strchr(reserved, *ptr))) {
+-			/* Oops, we need to start working here */
+-			if (!buf) {
+-				buf = outbuf;
+-				out = buf + (ptr - string) ;	/* Set output ptr */
++			if (out - outbuf >= buflen - 3) {
++				break;
+ 			}
++
+ 			out += sprintf(out, "%%%02x", (unsigned char) *ptr);
+-		} else if (buf) {
+-			*out = *ptr;	/* Continue copying the string */
++		} else {
++			*out = *ptr;	/* copy the character */
+ 			out++;
+-		} 
++		}
+ 		ptr++;
+ 	}
+-	if (buf)
++
++	if (buflen) {
+ 		*out = '\0';
++	}
++
+ 	return outbuf;
+ }
+ 
+-- 
+1.7.2.3
+

debian/patches/ast_uri_validhex

+Subject: [PATCH] hex escape control and non 7-bit clean characters in uri_encode
+From: David Vossel <dvossel@digium.com>
+Date: Mon, 7 Dec 2009 23:24:59 +0000
+Bug: https://issues.asterisk.org/view.php?id=16299
+Origin: http://svnview.digium.com/svn/asterisk?view=rev&rev=233609
+
+In ast_uri_encode, non 7-bit clean characters were being hex escaped
+correctly, but control characters were not.
+
+Adding this one for the moment to help AST-2011-001 build.
+
+---
+ main/utils.c |    2 +-
+ 1 files changed, 1 insertions(+), 1 deletions(-)
+
+diff --git a/main/utils.c b/main/utils.c
+index 97991ef..f835e11 100644
+--- a/main/utils.c
++++ b/main/utils.c
+@@ -394,7 +394,7 @@ char *ast_uri_encode(const char *string, char *outbuf, int buflen, int doreserve
+ 
+ 	/* If there's no characters to convert, just go through and don't do anything */
+ 	while (*ptr) {
+-		if (((unsigned char) *ptr) > 127 || (doreserved && strchr(reserved, *ptr)) ) {
++		if ((*ptr < 32) || (doreserved && strchr(reserved, *ptr))) {
+ 			/* Oops, we need to start working here */
+ 			if (!buf) {
+ 				buf = outbuf;
+-- 
+1.7.2.3
+

debian/patches/series

 AST-2009-008
 
 AST-2009-010
+ast_uri_validhex
+AST-2011-001