From 1fca95b1d45f01ad13edef77cd0b04db546c8a89 Mon Sep 17 00:00:00 2001
From: Tilghman Lesher <tilghman@meg.abyt.es>
Date: Mon, 2 May 2011 19:15:46 +0000
Subject: [PATCH] Merged revisions 316094 via svnmerge from
 https://origsvn.digium.com/svn/asterisk/branches/1.8

................
  r316094 | tilghman | 2011-05-02 14:09:55 -0500 (Mon, 02 May 2011) | 15 lines

  Merged revisions 316093 via svnmerge from
  https://origsvn.digium.com/svn/asterisk/branches/1.6.2

  ........
    r316093 | tilghman | 2011-05-02 14:04:36 -0500 (Mon, 02 May 2011) | 8 lines

    More possible crashes based upon invalid inputs.

    (closes issue #18161)
     Reported by: wdoekes
     Patches:
           20110301__issue18161.diff.txt uploaded by tilghman (license 14)
     Tested by: wdoekes
  ........
................


git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@316095 65c4cc65-6c06-0410-ace0-fbb531ad65f3
---
 funcs/func_curl.c | 17 +++++++++++------
 1 file changed, 11 insertions(+), 6 deletions(-)

diff --git a/funcs/func_curl.c b/funcs/func_curl.c
index e5784652f4..24f6fd923f 100644
--- a/funcs/func_curl.c
+++ b/funcs/func_curl.c
@@ -582,6 +582,10 @@ static int acf_curl_helper(struct ast_channel *chan, const char *cmd, char *info
 		*buf = '\0';
 	}
 
+	if (!str) {
+		return -1;
+	}
+
 	if (ast_strlen_zero(info)) {
 		ast_log(LOG_WARNING, "CURL requires an argument (URL)\n");
 		ast_free(str);
@@ -651,21 +655,22 @@ static int acf_curl_helper(struct ast_channel *chan, const char *cmd, char *info
 			int rowcount = 0;
 			while (fields && values && (piece = strsep(&remainder, "&"))) {
 				char *name = strsep(&piece, "=");
-				if (!piece) {
-					piece = "";
-				}
 				/* Do this before the decode, because if something has encoded
 				 * a literal plus-sign, we don't want to translate that to a
 				 * space. */
 				if (hashcompat == HASHCOMPAT_LEGACY) {
-					ast_uri_decode(piece, ast_uri_http_legacy);
+					if (piece) {
+						ast_uri_decode(piece, ast_uri_http_legacy);
+					}
 					ast_uri_decode(name, ast_uri_http_legacy);
 				} else {
-					ast_uri_decode(piece, ast_uri_http);
+					if (piece) {
+						ast_uri_decode(piece, ast_uri_http);
+					}
 					ast_uri_decode(name, ast_uri_http);
 				}
 				ast_str_append(&fields, 0, "%s%s", rowcount ? "," : "", name);
-				ast_str_append(&values, 0, "%s%s", rowcount ? "," : "", piece);
+				ast_str_append(&values, 0, "%s%s", rowcount ? "," : "", S_OR(piece, ""));
 				rowcount++;
 			}
 			pbx_builtin_setvar_helper(chan, "~ODBCFIELDS~", ast_str_buffer(fields));
-- 
GitLab