Page 1 of 1

ASTupdate crashes inserting agi params into live_channels

PostPosted: Tue Jul 17, 2018 1:20 pm
by Acidshock
Got a weird problem. ASTupdate keeps crashing when its trying to insert data from a TTS agi that I have modified to use the google Wavenet library. I am at a complete loss of words on how its interpreting the data as extension/channel data and is getting referenced. Can someone give me some clues as to maybe work around this problem?

I call the AGI via a custom dial plan in the call menu.

exten => B,1,Playback(DynIVRIntroGCDHello)
exten => B,2,agi(googlecloudtts.agi,"Hello "~~${first_name}~~". We see that you are calling about order "~~${custom_order}~~". on ."~~${custom_date}~~". at ."~~${custom_time}~~"...",en)
exten => B,3,Playback(DynIVRIntroGCDPart2)
exten => B,4,Playback(DynIVRIntroGCDPart3)
exten => B,5,WaitExten(5)



DBD::mysql::db do failed: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '219878'~~". on ."~~04/25/2018~~". at ."~~12:00 PM~~"..."','"~~'219878'~~". on ."~~04/25/2018~~". at ."~~12:00 PM~~".' at line 1 at /usr/share/astguiclient/AST_update.pl line 991.
Couldn't execute query: |INSERT INTO live_channels (channel,server_ip,extension,channel_data) values('SIP/flr-00000251','192.168.0.33','"~~'219878'~~". on ."~~04/25/2018~~". at ."~~12:00 PM~~"..."','"~~'219878'~~". on ."~~04/25/2018~~". at ."~~12:00 PM~~"...",en')|

Re: ASTupdate crashes inserting agi params into live_channel

PostPosted: Tue Jul 17, 2018 1:34 pm
by mflorell
What is the admin.php version and build on that system?

Re: ASTupdate crashes inserting agi params into live_channel

PostPosted: Tue Jul 17, 2018 1:34 pm
by Acidshock
VERSION: 2.14-645a
BUILD: 171214-2045

Re: ASTupdate crashes inserting agi params into live_channel

PostPosted: Tue Jul 17, 2018 4:29 pm
by Acidshock
Got a work around that seems to be working. I offloaded the text into its own AGI and then passed variables over using --- as a separator similar to other AGIs that VICIDIAL uses. Really wanted to keep it so that I could supply the text in the dial plan but special characters seem to be an issue and I dont know how to sanitize so that its not breaking if the ASTupdate script picks it up. I guess it could be used as a method for SQL injection too.