  1. Dec 22, 2017
  2. Aug 30, 2017
    • AST-2017-006: Fix app_minivm application MinivmNotify command injection · 1bf3dfff
      Corey Farrell authored
      An admin can configure app_minivm with an externnotify program to be run
      when a voicemail is received.  The app_minivm application MinivmNotify
      uses ast_safe_system() for this purpose which is vulnerable to command
      injection since the Caller-ID name and number values given to externnotify
      can come from an external untrusted source.
      
      * Add ast_safe_execvp() function.  This gives modules the ability to run
      external commands with greater safety compared to ast_safe_system().
      Specifically when some parameters are filled by untrusted sources the new
      function does not allow malicious input to break argument encoding.  This
      may be of particular concern where CALLERID(name) or CALLERID(num) may be
      used as a parameter to a script run by ast_safe_system() which could
      potentially allow arbitrary command execution.
      
      * Changed app_minivm.c:run_externnotify() to use the new ast_safe_execvp()
      instead of ast_safe_system() to avoid command injection.
      
      * Document code injection potential from untrusted data sources for other
      shell commands that are under user control.
      
      ASTERISK-27103
      
      Change-Id: I7552472247a84cde24e1358aaf64af160107aef1
  3. Oct 27, 2016
    • Remove ASTERISK_REGISTER_FILE. · a6e5bae3
      Corey Farrell authored
      ASTERISK_REGISTER_FILE no longer has any purpose so this commit removes
      all traces of it.
      
      Previously exported symbols removed:
      * __ast_register_file
      * __ast_unregister_file
      * ast_complete_source_filename
      
      This also removes the mtx_prof static variable that was declared when
      MTX_PROFILE was enabled.  This variable was only used in lock.c so it
      is now initialized in that file only.
      
      ASTERISK-26480 #close
      
      Change-Id: I1074af07d71f9e159c48ef36631aa432c86f9966
  4. Apr 13, 2015
    • git migration: Refactor the ASTERISK_FILE_VERSION macro · 4a582616
      Matt Jordan authored
      Git does not support the ability to replace a token with a version
      string during check-in. While it does have support for replacing a
      token on clone, this is somewhat sub-optimal: the token is replaced
      with the object hash, which is not particularly easy for human
      consumption. What's more, in practice, the source file version was often
      not terribly useful. Generally, when triaging bugs, the overall version
      of Asterisk is far more useful than an individual SVN version of a file. As a
      result, this patch removes Asterisk's support for showing source file
      versions.
      
      Specifically, it does the following:
      
      * Rename ASTERISK_FILE_VERSION macro to ASTERISK_REGISTER_FILE, and
        remove passing the version in with the macro. Other facilities
        than 'core show file version' make use of the file names, such as
        setting a debug level only on a specific file. As such, the act of
        registering source files with the Asterisk core still has use. The
        macro rename now reflects the new macro purpose.
      
      * main/asterisk:
        - Refactor the file_version structure to reflect that it no longer
          tracks a version field.
        - Remove the "core show file version" CLI command. Without the file
          version, it is no longer useful.
        - Remove the ast_file_version_find function. The file version is no
          longer tracked.
        - Rename ast_register_file_version/ast_unregister_file_version to
          ast_register_file/ast_unregister_file, respectively.
      
      * main/manager: Remove value from the Version key of the ModuleCheck
        Action. The actual key itself has not been removed, as doing so would
        absolutely constitute a backwards incompatible change. However, since
        the file version is no longer tracked, there is no need to attempt to
        include it in the Version key.
      
      * UPGRADE: Add notes for:
        - Modification to the ModuleCheck AMI Action
        - Removal of the "core show file version" CLI command
      
      Change-Id: I6cf0ff280e1668bf4957dc21f32a5ff43444a40e
  5. Jun 15, 2012
    • Multiple revisions 369001-369002 · 166b4e2b
      Kevin P. Fleming authored
      ........
        r369001 | kpfleming | 2012-06-15 10:56:08 -0500 (Fri, 15 Jun 2012) | 11 lines
        
        Add support-level indications to many more source files.
        
        Since we now have tools that scan through the source tree looking for files
        with specific support levels, we need to ensure that every file that is
        a component of a 'core' or 'extended' module (or the main Asterisk binary)
        is explicitly marked with its support level. This patch adds support-level
        indications to many more source files in tree, but avoids adding them to
        third-party libraries that are included in the tree and to source files
        that don't end up involved in Asterisk itself.
      ........
        r369002 | kpfleming | 2012-06-15 10:57:14 -0500 (Fri, 15 Jun 2012) | 3 lines
        
        Add a script to enable finding source files without support-levels defined.
      ........
      
      Merged revisions 369001-369002 from http://svn.asterisk.org/svn/asterisk/branches/1.8
      ........
      
      Merged revisions 369005 from http://svn.asterisk.org/svn/asterisk/branches/10
      
      
      git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@369013 65c4cc65-6c06-0410-ace0-fbb531ad65f3
  6. Mar 11, 2010
  7. May 21, 2009
    • Const-ify the world (or at least a good part of it) · e6b2e9a7
      Kevin P. Fleming authored
      This patch adds 'const' tags to a number of Asterisk APIs where they are appropriate (where the API already demanded that the function argument not be modified, but the compiler was not informed of that fact). The list includes:
      
      - CLI command handlers
      - CLI command handler arguments
      - AGI command handlers
      - AGI command handler arguments
      - Dialplan application handler arguments
      - Speech engine API function arguments
      
      In addition, various file-scope and function-scope constant arrays got 'const' and/or 'static' qualifiers where they were missing.
      
      Review: https://reviewboard.asterisk.org/r/251/
      
      
      
      git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@196072 65c4cc65-6c06-0410-ace0-fbb531ad65f3
  8. Feb 20, 2009
  9. Nov 01, 2008
  10. Nov 22, 2007
    • shuffle a little bit the content of header files to reduce dependencies. · 51391e6b
      Luigi Rizzo authored
      In this commit:
      - move the ast_register/unregister_app functions to module.h
        to avoid the need to include pbx.h for the simpler apps;
      - move the ast_group structure to channel.h to remove the
        dependency of app.h on linkedlists.h
      
      Note, this is a long process that I am doing in small steps.
      
      The main difficulty is that now for each subsystem we
      have a single header (e.g. channel.h) included by the subsystem
      provider (usually one file, e.g. channel.c) and by its clients
      (dozens of them, e.g. we have some 70+ apps and 30+ functions).
      
      This requires the clients to include all the extra headers
      required by the provider (eg. lock.h, linkedlists.h, definitions
      of substructures...) even though many of the clients would be
      just happy with opaque struct declarations and function prototypes.
      
      The long term plan is to eventually rectify this structure
      so that the compilation can become faster, and also APIs
      are more stable.
      
      
      
      git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@89522 65c4cc65-6c06-0410-ace0-fbb531ad65f3
    • remove redundant headers · b1fe2d85
      Luigi Rizzo authored
      git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@89518 65c4cc65-6c06-0410-ace0-fbb531ad65f3
  11. Nov 21, 2007
  12. Nov 19, 2007
  13. Nov 16, 2007
    • Start untangling header inclusion in a way that does not affect · fdb7f7ba
      Luigi Rizzo authored
      build times - tested, there is no measurable difference before and
      after this commit.
      
      In this change:
      
      use asterisk/compat.h to include a small set of system headers:
      inttypes.h, unistd.h, stddef.h, stdint.h, sys/types.h, stdarg.h,
      stdlib.h, alloca.h, stdio.h
      
      Where available, the inclusion is conditional on HAVE_FOO_H as determined
      by autoconf.
      
      Normally, source files should not include any of the above system headers,
      and instead use either "asterisk.h" or "asterisk/compat.h" which does it
      better. 
      
      For the time being I have left alone second-level directories
      (main/db1-ast, etc.).
      
      
      
      git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@89333 65c4cc65-6c06-0410-ace0-fbb531ad65f3
  14. Sep 19, 2007
  15. Jul 16, 2007
  16. Jun 12, 2007
  17. Aug 21, 2006
  18. Jun 07, 2006
  19. Apr 14, 2006
    • This rather large commit changes the way modules are loaded. · e43bc663
      Luigi Rizzo authored
       
      As partly documented in loader.c and include/asterisk/module.h,
      modules are now expected to return all of their methods and flags
      into a structure 'mod_data', and are normally loaded with RTLD_NOW
      | RTLD_LOCAL, so symbols are resolved immediately and conflicts
      should be less likely.  Only in a small number of cases (res_*,
      typically) modules are loaded RTLD_GLOBAL, so they can export
      symbols.
       
      The core of the change is only the two files loader.c and
      include/asterisk/module.h, all the rest is simply adaptation of the
      existing modules to the new API, a rather mechanical (but believe
      me, time and finger-consuming!) process whose detail you can figure
      out by svn diff'ing any single module.
      
      Expect some minor compilation issue after this change, please
      report it on mantis http://bugs.digium.com/view.php?id=6968
      so we collect all the feedback in one place.
      
      I am just sorry that this change missed SVN version number 20000!
      
      
      
      git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@20003 65c4cc65-6c06-0410-ace0-fbb531ad65f3
  20. Apr 08, 2006
  21. Feb 15, 2006
  22. Dec 30, 2005
  23. Dec 04, 2005
  24. Nov 29, 2005
  25. Nov 08, 2005
  26. Nov 07, 2005
  27. Nov 06, 2005
  28. Oct 26, 2005
  29. Oct 24, 2005
  30. Oct 19, 2005
  31. Oct 18, 2005
  32. Oct 13, 2005
  33. Sep 14, 2005
  34. Sep 07, 2005
  35. Jun 06, 2005
  36. Apr 21, 2005
  37. Jan 21, 2005