From 3093ccb61966c7f12dfc7da8fe814da2de13c324 Mon Sep 17 00:00:00 2001
From: Tilghman Lesher <tilghman@meg.abyt.es>
Date: Wed, 16 Sep 2009 23:42:12 +0000
Subject: [PATCH] Merged revisions 219023 via svnmerge from
 https://origsvn.digium.com/svn/asterisk/branches/1.4

........
  r219023 | tilghman | 2009-09-16 18:21:53 -0500 (Wed, 16 Sep 2009) | 8 lines

  Properly deal with quotes in the arguments of '#exec' includes.
  (closes issue #15583)
   Reported by: pkempgen
   Patches:
         20090726__issue15583.diff.txt uploaded by tilghman (license 14)
         20090726__issue15583-1.4-4.diff.txt uploaded by pkempgen (license 169)
   Tested by: pkempgen
........


git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@219061 65c4cc65-6c06-0410-ace0-fbb531ad65f3
---
 configs/extensions.conf.sample |  5 +++++
 main/config.c                  | 30 ++++++++++++++++++++----------
 2 files changed, 25 insertions(+), 10 deletions(-)

diff --git a/configs/extensions.conf.sample b/configs/extensions.conf.sample
index 997c97eb62..0cf8542fc4 100644
--- a/configs/extensions.conf.sample
+++ b/configs/extensions.conf.sample
@@ -106,6 +106,8 @@ clearglobalvars=no
 ; that includes contexts within other contexts. The #include command works
 ; in all asterisk configuration files.
 ;#include "filename.conf"
+;#include <filename.conf>
+;#include filename.conf
 ;
 ; You can execute a program or script that produces config files, and they
 ; will be inserted where you insert the #exec command. The #exec command
@@ -113,6 +115,9 @@ clearglobalvars=no
 ; activate them within asterisk.conf with the "execincludes" option.  They
 ; are otherwise considered a security risk.
 ;#exec /opt/bin/build-extra-contexts.sh
+;#exec /opt/bin/build-extra-contexts.sh --foo="bar"
+;#exec </opt/bin/build-extra-contexts.sh --foo="bar">
+;#exec "/opt/bin/build-extra-contexts.sh --foo=\"bar\""
 ;
 
 ; The "Globals" category contains global variables that can be referenced
diff --git a/main/config.c b/main/config.c
index f726548348..c17d22b8a8 100644
--- a/main/config.c
+++ b/main/config.c
@@ -1062,18 +1062,28 @@ static int process_text_line(struct ast_config *cfg, struct ast_category **cat,
 			return 0;	/* XXX is this correct ? or we should return -1 ? */
 		}
 
-		/* Strip off leading and trailing "'s and <>'s */
-		while ((*c == '<') || (*c == '>') || (*c == '\"')) c++;
-		/* Get rid of leading mess */
 		cur = c;
-		cur2 = cur;
-		while (!ast_strlen_zero(cur)) {
-			c = cur + strlen(cur) - 1;
-			if ((*c == '>') || (*c == '<') || (*c == '\"'))
-				*c = '\0';
-			else
-				break;
+		/* Strip off leading and trailing "'s and <>'s */
+		if (*c == '"') {
+			/* Dequote */
+			while (*c) {
+				if (*c == '"') {
+					strcpy(c, c + 1); /* SAFE */
+					c--;
+				} else if (*c == '\\') {
+					strcpy(c, c + 1); /* SAFE */
+				}
+				c++;
+			}
+		} else if (*c == '<') {
+			/* C-style include */
+			if (*(c + strlen(c) - 1) == '>') {
+				cur++;
+				*(c + strlen(c) - 1) = '\0';
+			}
 		}
+		cur2 = cur;
+
 		/* #exec </path/to/executable>
 		   We create a tmp file, then we #include it, then we delete it. */
 		if (!do_include) {
-- 
GitLab