Skip to content
Snippets Groups Projects
Verified Commit 686f6a64 authored by Reidar Cederqvist's avatar Reidar Cederqvist
Browse files

fix possible vulnerabilities due to the use of eval

parent 2432964b
No related branches found
No related tags found
1 merge request!165asterisk: fix vulnerabilities associated with "echo -e"
Hide whitespace changes
Inline Side-by-side
net/asterisk/files/iopsys/lib/voice/config_asterisk.sh
+ 18
18
View file @ 686f6a64
...@@ -1137,56 +1137,56 @@ get_prefixinfo() { ...@@ -1137,56 +1137,56 @@ get_prefixinfo() {
config_get prefix $info prefixrange config_get prefix $info prefixrange
[ "$type" = "EMERGENCY" ] && { [ "$type" = "EMERGENCY" ] && {
[ "$action" = "EMERGENCY" ] && echo emergency="$prefix" [ "$action" = "EMERGENCY" ] && emergency="$prefix"
return return
} }
[ "$type" = "FAC" ] || return [ "$type" = "FAC" ] || return
echo channel_fac=\"\$channel_fac $prefix\" channel_fac="${channel_fac:+${channel_fac} }$prefix"
case $action in case $action in
CFU_ACTIVATE) CFU_ACTIVATE)
echo cfim_on="$prefix" cfim_on="$prefix"
;; ;;
CFU_DEACTIVATE) CFU_DEACTIVATE)
echo cfim_off="$prefix" cfim_off="$prefix"
;; ;;
CFNR_ACTIVATE) CFNR_ACTIVATE)
echo cfbs_on="$prefix" cfbs_on="$prefix"
;; ;;
CFNR_DEACTIVATE) CFNR_DEACTIVATE)
echo cfbs_off="$prefix" cfbs_off="$prefix"
;; ;;
CFB_ACTIVATE) CFB_ACTIVATE)
echo cfb_on="$prefix" cfb_on="$prefix"
;; ;;
CFB_DEACTIVATE) CFB_DEACTIVATE)
echo cfb_off="$prefix" cfb_off="$prefix"
;; ;;
CW_ACTIVATE) CW_ACTIVATE)
echo cw_on="$prefix" cw_on="$prefix"
;; ;;
CW_DEACTIVATE) CW_DEACTIVATE)
echo cw_off="$prefix" cw_off="$prefix"
;; ;;
DND_ACTIVATE) DND_ACTIVATE)
echo dnd_on="$prefix" dnd_on="$prefix"
;; ;;
DND_DEACTIVATE) DND_DEACTIVATE)
echo dnd_off="$prefix" dnd_off="$prefix"
;; ;;
DND_INTERROGATE) DND_INTERROGATE)
echo dnd_status="$prefix" dnd_status="$prefix"
;; ;;
CW_STATUS) CW_STATUS)
echo cw_status="$prefix" cw_status="$prefix"
;; ;;
REDIAL) REDIAL)
echo redial="$prefix" redial="$prefix"
;; ;;
CALLRETURN) CALLRETURN)
echo call_return="$prefix" call_return="$prefix"
;; ;;
esac esac
} }
...@@ -1254,7 +1254,7 @@ configure_feature_set() { ...@@ -1254,7 +1254,7 @@ configure_feature_set() {
# load featurecodes from prefixinfo # load featurecodes from prefixinfo
local channel_fac local channel_fac
eval "$(config_foreach get_prefixinfo prefixinfo "FAC")" config_foreach get_prefixinfo prefixinfo "FAC"
# Convert whitespace to commas # Convert whitespace to commas
channel_fac=$(echo "$channel_fac" | tr -s ' ' ',') channel_fac=$(echo "$channel_fac" | tr -s ' ' ',')
...@@ -1932,7 +1932,7 @@ create_temp_files() { ...@@ -1932,7 +1932,7 @@ create_temp_files() {
configure_emergency_numbers() { configure_emergency_numbers() {
local emergency local emergency
eval "$(config_foreach get_prefixinfo prefixinfo "EMERGENCY")" config_foreach get_prefixinfo prefixinfo "EMERGENCY"
ast_conf_replace_esc "|EMERGENCY_NUMBERS|" "$emergency" $WORK_DIR/chan_telephony.conf ast_conf_replace_esc "|EMERGENCY_NUMBERS|" "$emergency" $WORK_DIR/chan_telephony.conf
} }
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment