Fix DEBUG_THREADS when lock is acquired in __constructor__
[asterisk/asterisk.git] / main / utils.c
index 256e61f..e2c5e2c 100644 (file)
  * Please consult the CODING GUIDELINES for more information.
  */
 
+/*** MODULEINFO
+       <support_level>core</support_level>
+ ***/
+
 #include "asterisk.h"
 
 ASTERISK_FILE_VERSION(__FILE__, "$Revision$")
 
 #include <ctype.h>
-#include <sys/stat.h>
-#include <sys/stat.h>
-
-#ifdef HAVE_DEV_URANDOM
 #include <fcntl.h>
-#endif
-
+#include <sys/stat.h>
 #include <sys/syscall.h>
+#include <unistd.h>
 #if defined(__APPLE__)
 #include <mach/mach.h>
 #elif defined(HAVE_SYS_THR_H)
@@ -43,6 +43,7 @@ ASTERISK_FILE_VERSION(__FILE__, "$Revision$")
 #endif
 
 #include "asterisk/network.h"
+#include "asterisk/ast_version.h"
 
 #define AST_API_MODULE         /* ensure that inlinable API functions will be built in lock.h if required */
 #include "asterisk/lock.h"
@@ -84,12 +85,12 @@ AST_MUTEX_DEFINE_STATIC(__mutex);
 
 /*! \brief Reentrant replacement for gethostbyname for BSD-based systems.
 \note This
-routine is derived from code originally written and placed in the public 
+routine is derived from code originally written and placed in the public
 domain by Enzo Michelangeli <em@em.no-ip.com> */
 
 static int gethostbyname_r (const char *name, struct hostent *ret, char *buf,
-                               size_t buflen, struct hostent **result, 
-                               int *h_errnop) 
+                               size_t buflen, struct hostent **result,
+                               int *h_errnop)
 {
        int hsave;
        struct hostent *ph;
@@ -184,7 +185,7 @@ static int gethostbyname_r (const char *name, struct hostent *ret, char *buf,
 
 #endif
 
-/*! \brief Re-entrant (thread safe) version of gethostbyname that replaces the 
+/*! \brief Re-entrant (thread safe) version of gethostbyname that replaces the
    standard gethostbyname (which is not thread safe)
 */
 struct hostent *ast_gethostbyname(const char *host, struct ast_hostent *hp)
@@ -220,7 +221,7 @@ struct hostent *ast_gethostbyname(const char *host, struct ast_hostent *hp)
                if (inet_pton(AF_INET, host, hp->hp.h_addr) > 0)
                        return &hp->hp;
                return NULL;
-               
+
        }
 #ifdef HAVE_GETHOSTBYNAME_R_5
        result = gethostbyname_r(host, &hp->hp, hp->buf, sizeof(hp->buf), &herrno);
@@ -261,7 +262,7 @@ void ast_sha1_hash(char *output, const char *input)
        uint8_t Message_Digest[20];
 
        SHA1Reset(&sha);
-       
+
        SHA1Input(&sha, (const unsigned char *) input, strlen(input));
 
        SHA1Result(&sha, Message_Digest);
@@ -270,6 +271,18 @@ void ast_sha1_hash(char *output, const char *input)
                ptr += sprintf(ptr, "%2.2x", Message_Digest[x]);
 }
 
+/*! \brief Produce a 20 byte SHA1 hash of value. */
+void ast_sha1_hash_uint(uint8_t *digest, const char *input)
+{
+        struct SHA1Context sha;
+
+        SHA1Reset(&sha);
+
+        SHA1Input(&sha, (const unsigned char *) input, strlen(input));
+
+        SHA1Result(&sha, digest);
+}
+
 /*! \brief decode BASE64 encoded text */
 int ast_base64decode(unsigned char *dst, const char *src, int max)
 {
@@ -284,7 +297,7 @@ int ast_base64decode(unsigned char *dst, const char *src, int max)
                bits += 6;
                src++;
                incnt++;
-               /* If we have at least 8 bits left over, take that character 
+               /* If we have at least 8 bits left over, take that character
                   off the top */
                if (bits >= 8)  {
                        bits -= 8;
@@ -329,7 +342,7 @@ int ast_base64encode_full(char *dst, const unsigned char *src, int srclen, int m
                }
        }
        if (bits && (cnt + 4 <= max)) {
-               /* Add one last character for the remaining bits, 
+               /* Add one last character for the remaining bits,
                   padding the rest with 0 */
                byte <<= 24 - bits;
                *dst++ = base64[(byte >> 18) & 0x3f];
@@ -469,6 +482,69 @@ char *ast_escape_quoted(const char *string, char *outbuf, int buflen)
 
        return outbuf;
 }
+int ast_xml_escape(const char *string, char * const outbuf, const size_t buflen)
+{
+       char *dst = outbuf;
+       char *end = outbuf + buflen - 1; /* save one for the null terminator */
+
+       /* Handle the case for the empty output buffer */
+       if (buflen == 0) {
+               return -1;
+       }
+
+       /* Escaping rules from http://www.w3.org/TR/REC-xml/#syntax */
+       /* This also prevents partial entities at the end of a string */
+       while (*string && dst < end) {
+               const char *entity = NULL;
+               int len = 0;
+
+               switch (*string) {
+               case '<':
+                       entity = "&lt;";
+                       len = 4;
+                       break;
+               case '&':
+                       entity = "&amp;";
+                       len = 5;
+                       break;
+               case '>':
+                       /* necessary if ]]> is in the string; easier to escape them all */
+                       entity = "&gt;";
+                       len = 4;
+                       break;
+               case '\'':
+                       /* necessary in single-quoted strings; easier to escape them all */
+                       entity = "&apos;";
+                       len = 6;
+                       break;
+               case '"':
+                       /* necessary in double-quoted strings; easier to escape them all */
+                       entity = "&quot;";
+                       len = 6;
+                       break;
+               default:
+                       *dst++ = *string++;
+                       break;
+               }
+
+               if (entity) {
+                       ast_assert(len == strlen(entity));
+                       if (end - dst < len) {
+                               /* no room for the entity; stop */
+                               break;
+                       }
+                       /* just checked for length; strcpy is fine */
+                       strcpy(dst, entity);
+                       dst += len;
+                       ++string;
+               }
+       }
+       /* Write null terminator */
+       *dst = '\0';
+       /* If any chars are left in string, return failure */
+       return *string == '\0' ? 0 : -1;
+}
+
 /*! \brief  ast_inet_ntoa: Recursive thread safe replacement of inet_ntoa */
 const char *ast_inet_ntoa(struct in_addr ia)
 {
@@ -480,9 +556,7 @@ const char *ast_inet_ntoa(struct in_addr ia)
        return inet_ntop(AF_INET, &ia, buf, INET_ADDRSTRLEN);
 }
 
-#ifdef HAVE_DEV_URANDOM
 static int dev_urandom_fd;
-#endif
 
 #ifndef __linux__
 #undef pthread_create /* For ast_pthread_create function only */
@@ -502,8 +576,8 @@ static int dev_urandom_fd;
 #undef pthread_mutex_init
 #undef pthread_mutex_destroy
 
-/*! 
- * \brief Keep track of which locks a thread holds 
+/*!
+ * \brief Keep track of which locks a thread holds
  *
  * There is an instance of this struct for every active thread
  */
@@ -523,6 +597,8 @@ struct thr_lock_info {
                enum ast_lock_type type;
                /*! This thread is waiting on this lock */
                int pending:2;
+               /*! A condition has suspended this lock */
+               int suspended:1;
 #ifdef HAVE_BKTR
                struct ast_bt *backtrace;
 #endif
@@ -531,18 +607,18 @@ struct thr_lock_info {
         *  The index (num_locks - 1) has the info on the last one in the
         *  locks member */
        unsigned int num_locks;
-       /*! Protects the contents of the locks member 
+       /*! Protects the contents of the locks member
         * Intentionally not ast_mutex_t */
        pthread_mutex_t lock;
        AST_LIST_ENTRY(thr_lock_info) entry;
 };
 
-/*! 
- * \brief Locked when accessing the lock_infos list 
+/*!
+ * \brief Locked when accessing the lock_infos list
  */
 AST_MUTEX_DEFINE_STATIC(lock_infos_lock);
 /*!
- * \brief A list of each thread's lock info 
+ * \brief A list of each thread's lock info
  */
 static AST_LIST_HEAD_NOLOCK_STATIC(lock_infos, thr_lock_info);
 
@@ -568,8 +644,8 @@ static void lock_info_destroy(void *data)
                        break;
                }
 
-               ast_log(LOG_ERROR, 
-                       "Thread '%s' still has a lock! - '%s' (%p) from '%s' in %s:%d!\n", 
+               ast_log(LOG_ERROR,
+                       "Thread '%s' still has a lock! - '%s' (%p) from '%s' in %s:%d!\n",
                        lock_info->thread_name,
                        lock_info->locks[i].lock_name,
                        lock_info->locks[i].lock_addr,
@@ -709,6 +785,60 @@ int ast_find_lock_info(void *lock_addr, char *filename, size_t filename_size, in
        return 0;
 }
 
+void ast_suspend_lock_info(void *lock_addr)
+{
+       struct thr_lock_info *lock_info;
+       int i = 0;
+
+       if (!(lock_info = ast_threadstorage_get(&thread_lock_info, sizeof(*lock_info)))) {
+               return;
+       }
+
+       pthread_mutex_lock(&lock_info->lock);
+
+       for (i = lock_info->num_locks - 1; i >= 0; i--) {
+               if (lock_info->locks[i].lock_addr == lock_addr)
+                       break;
+       }
+
+       if (i == -1) {
+               /* Lock not found :( */
+               pthread_mutex_unlock(&lock_info->lock);
+               return;
+       }
+
+       lock_info->locks[i].suspended = 1;
+
+       pthread_mutex_unlock(&lock_info->lock);
+}
+
+void ast_restore_lock_info(void *lock_addr)
+{
+       struct thr_lock_info *lock_info;
+       int i = 0;
+
+       if (!(lock_info = ast_threadstorage_get(&thread_lock_info, sizeof(*lock_info))))
+               return;
+
+       pthread_mutex_lock(&lock_info->lock);
+
+       for (i = lock_info->num_locks - 1; i >= 0; i--) {
+               if (lock_info->locks[i].lock_addr == lock_addr)
+                       break;
+       }
+
+       if (i == -1) {
+               /* Lock not found :( */
+               pthread_mutex_unlock(&lock_info->lock);
+               return;
+       }
+
+       lock_info->locks[i].suspended = 0;
+
+       pthread_mutex_unlock(&lock_info->lock);
+}
+
+
 #ifdef HAVE_BKTR
 void ast_remove_lock_info(void *lock_addr, struct ast_bt *bt)
 #else
@@ -745,7 +875,7 @@ void ast_remove_lock_info(void *lock_addr)
 
        if (i < lock_info->num_locks - 1) {
                /* Not the last one ... *should* be rare! */
-               memmove(&lock_info->locks[i], &lock_info->locks[i + 1], 
+               memmove(&lock_info->locks[i], &lock_info->locks[i + 1],
                        (lock_info->num_locks - (i + 1)) * sizeof(lock_info->locks[0]));
        }
 
@@ -772,20 +902,24 @@ static const char *locktype2str(enum ast_lock_type type)
 static void append_backtrace_information(struct ast_str **str, struct ast_bt *bt)
 {
        char **symbols;
+       int num_frames;
 
        if (!bt) {
                ast_str_append(str, 0, "\tNo backtrace to print\n");
                return;
        }
 
-       if ((symbols = ast_bt_get_symbols(bt->addresses, bt->num_frames))) {
+       /* store frame count locally to avoid the memory corruption that
+        * sometimes happens on virtualized CentOS 6.x systems */
+       num_frames = bt->num_frames;
+       if ((symbols = ast_bt_get_symbols(bt->addresses, num_frames))) {
                int frame_iterator;
-               
-               for (frame_iterator = 0; frame_iterator < bt->num_frames; ++frame_iterator) {
+
+               for (frame_iterator = 0; frame_iterator < num_frames; ++frame_iterator) {
                        ast_str_append(str, 0, "\t%s\n", symbols[frame_iterator]);
                }
 
-               free(symbols);
+               ast_std_free(symbols);
        } else {
                ast_str_append(str, 0, "\tCouldn't retrieve backtrace symbols\n");
        }
@@ -797,27 +931,28 @@ static void append_lock_information(struct ast_str **str, struct thr_lock_info *
        int j;
        ast_mutex_t *lock;
        struct ast_lock_track *lt;
-       
-       ast_str_append(str, 0, "=== ---> %sLock #%d (%s): %s %d %s %s %p (%d)\n", 
-                                  lock_info->locks[i].pending > 0 ? "Waiting for " : 
+
+       ast_str_append(str, 0, "=== ---> %sLock #%d (%s): %s %d %s %s %p (%d%s)\n",
+                                  lock_info->locks[i].pending > 0 ? "Waiting for " :
                                   lock_info->locks[i].pending < 0 ? "Tried and failed to get " : "", i,
-                                  lock_info->locks[i].file, 
+                                  lock_info->locks[i].file,
                                   locktype2str(lock_info->locks[i].type),
                                   lock_info->locks[i].line_num,
                                   lock_info->locks[i].func, lock_info->locks[i].lock_name,
-                                  lock_info->locks[i].lock_addr, 
-                                  lock_info->locks[i].times_locked);
+                                  lock_info->locks[i].lock_addr,
+                                  lock_info->locks[i].times_locked,
+                                  lock_info->locks[i].suspended ? " - suspended" : "");
 #ifdef HAVE_BKTR
        append_backtrace_information(str, lock_info->locks[i].backtrace);
 #endif
-       
+
        if (!lock_info->locks[i].pending || lock_info->locks[i].pending == -1)
                return;
-       
+
        /* We only have further details for mutexes right now */
        if (lock_info->locks[i].type != AST_MUTEX)
                return;
-       
+
        lock = lock_info->locks[i].lock_addr;
        lt = lock->track;
        ast_reentrancy_lock(lt);
@@ -825,14 +960,14 @@ static void append_lock_information(struct ast_str **str, struct thr_lock_info *
                ast_str_append(str, 0, "=== --- ---> Locked Here: %s line %d (%s)\n",
                                           lt->file[j], lt->lineno[j], lt->func[j]);
        }
-       ast_reentrancy_unlock(lt);      
+       ast_reentrancy_unlock(lt);
 }
 
 
-/*! This function can help you find highly temporal locks; locks that happen for a 
+/*! This function can help you find highly temporal locks; locks that happen for a
     short time, but at unexpected times, usually at times that create a deadlock,
        Why is this thing locked right then? Who is locking it? Who am I fighting
-    with for this lock? 
+    with for this lock?
 
        To answer such questions, just call this routine before you would normally try
        to aquire a lock. It doesn't do anything if the lock is not acquired. If the
@@ -848,7 +983,7 @@ static void append_lock_information(struct ast_str **str, struct thr_lock_info *
        which will give a stack trace and continue. -- that aught to do the job!
 
 */
-void log_show_lock(void *this_lock_addr)
+void ast_log_show_lock(void *this_lock_addr)
 {
        struct thr_lock_info *lock_info;
        struct ast_str *str;
@@ -857,7 +992,7 @@ void log_show_lock(void *this_lock_addr)
                ast_log(LOG_NOTICE,"Could not create str\n");
                return;
        }
-       
+
 
        pthread_mutex_lock(&lock_infos_lock.mutex);
        AST_LIST_TRAVERSE(&lock_infos, lock_info, entry) {
@@ -879,67 +1014,92 @@ void log_show_lock(void *this_lock_addr)
 }
 
 
-static char *handle_show_locks(struct ast_cli_entry *e, int cmd, struct ast_cli_args *a)
+struct ast_str *ast_dump_locks(void)
 {
        struct thr_lock_info *lock_info;
        struct ast_str *str;
 
-       if (!(str = ast_str_create(4096)))
-               return CLI_FAILURE;
-
-       switch (cmd) {
-       case CLI_INIT:
-               e->command = "core show locks";
-               e->usage =
-                       "Usage: core show locks\n"
-                       "       This command is for lock debugging.  It prints out which locks\n"
-                       "are owned by each active thread.\n";
-               return NULL;
-
-       case CLI_GENERATE:
+       if (!(str = ast_str_create(4096))) {
                return NULL;
        }
 
-       ast_str_append(&str, 0, "\n" 
+       ast_str_append(&str, 0, "\n"
                       "=======================================================================\n"
-                      "=== Currently Held Locks ==============================================\n"
+                      "=== %s\n"
+                      "=== Currently Held Locks\n"
                       "=======================================================================\n"
                       "===\n"
                       "=== <pending> <lock#> (<file>): <lock type> <line num> <function> <lock name> <lock addr> (times locked)\n"
-                      "===\n");
+                      "===\n", ast_get_version());
 
-       if (!str)
-               return CLI_FAILURE;
+       if (!str) {
+               return NULL;
+       }
 
        pthread_mutex_lock(&lock_infos_lock.mutex);
        AST_LIST_TRAVERSE(&lock_infos, lock_info, entry) {
                int i;
-               if (lock_info->num_locks) {
-                       ast_str_append(&str, 0, "=== Thread ID: 0x%lx (%s)\n", (long) lock_info->thread_id,
-                               lock_info->thread_name);
-                       pthread_mutex_lock(&lock_info->lock);
-                       for (i = 0; str && i < lock_info->num_locks; i++) {
-                               append_lock_information(&str, lock_info, i);
+               int header_printed = 0;
+               pthread_mutex_lock(&lock_info->lock);
+               for (i = 0; str && i < lock_info->num_locks; i++) {
+                       /* Don't show suspended locks */
+                       if (lock_info->locks[i].suspended) {
+                               continue;
                        }
-                       pthread_mutex_unlock(&lock_info->lock);
-                       if (!str)
-                               break;
+
+                       if (!header_printed) {
+                               ast_str_append(&str, 0, "=== Thread ID: 0x%lx (%s)\n", (long) lock_info->thread_id,
+                                       lock_info->thread_name);
+                               header_printed = 1;
+                       }
+
+                       append_lock_information(&str, lock_info, i);
+               }
+               pthread_mutex_unlock(&lock_info->lock);
+               if (!str) {
+                       break;
+               }
+               if (header_printed) {
                        ast_str_append(&str, 0, "=== -------------------------------------------------------------------\n"
-                                      "===\n");
-                       if (!str)
-                               break;
+                               "===\n");
+               }
+               if (!str) {
+                       break;
                }
        }
        pthread_mutex_unlock(&lock_infos_lock.mutex);
 
-       if (!str)
-               return CLI_FAILURE;
+       if (!str) {
+               return NULL;
+       }
 
        ast_str_append(&str, 0, "=======================================================================\n"
                       "\n");
 
-       if (!str)
+       return str;
+}
+
+static char *handle_show_locks(struct ast_cli_entry *e, int cmd, struct ast_cli_args *a)
+{
+       struct ast_str *str;
+
+       switch (cmd) {
+       case CLI_INIT:
+               e->command = "core show locks";
+               e->usage =
+                       "Usage: core show locks\n"
+                       "       This command is for lock debugging.  It prints out which locks\n"
+                       "are owned by each active thread.\n";
+               return NULL;
+
+       case CLI_GENERATE:
+               return NULL;
+       }
+
+       str = ast_dump_locks();
+       if (!str) {
                return CLI_FAILURE;
+       }
 
        ast_cli(a->fd, "%s", ast_str_buffer(str));
 
@@ -979,18 +1139,7 @@ static void *dummy_start(void *data)
 #ifdef DEBUG_THREADS
        struct thr_lock_info *lock_info;
        pthread_mutexattr_t mutex_attr;
-#endif
 
-       /* note that even though data->name is a pointer to allocated memory,
-          we are not freeing it here because ast_register_thread is going to
-          keep a copy of the pointer and then ast_unregister_thread will
-          free the memory
-       */
-       ast_free(data);
-       ast_register_thread(a.name);
-       pthread_cleanup_push(ast_unregister_thread, (void *) pthread_self());
-
-#ifdef DEBUG_THREADS
        if (!(lock_info = ast_threadstorage_get(&thread_lock_info, sizeof(*lock_info))))
                return NULL;
 
@@ -1007,6 +1156,15 @@ static void *dummy_start(void *data)
        pthread_mutex_unlock(&lock_infos_lock.mutex); /* Intentionally not the wrapper */
 #endif /* DEBUG_THREADS */
 
+       /* note that even though data->name is a pointer to allocated memory,
+          we are not freeing it here because ast_register_thread is going to
+          keep a copy of the pointer and then ast_unregister_thread will
+          free the memory
+       */
+       ast_free(data);
+       ast_register_thread(a.name);
+       pthread_cleanup_push(ast_unregister_thread, (void *) pthread_self());
+
        ret = a.start_routine(a.data);
 
        pthread_cleanup_pop(1);
@@ -1025,7 +1183,7 @@ int ast_pthread_create_stack(pthread_t *thread, pthread_attr_t *attr, void *(*st
 #endif
 
        if (!attr) {
-               attr = alloca(sizeof(*attr));
+               attr = ast_alloca(sizeof(*attr));
                pthread_attr_init(attr);
        }
 
@@ -1052,9 +1210,8 @@ int ast_pthread_create_stack(pthread_t *thread, pthread_attr_t *attr, void *(*st
                a->start_routine = start_routine;
                a->data = data;
                start_routine = dummy_start;
-               if (asprintf(&a->name, "%-20s started at [%5d] %s %s()",
+               if (ast_asprintf(&a->name, "%-20s started at [%5d] %s %s()",
                             start_fn, line, file, caller) < 0) {
-                       ast_log(LOG_WARNING, "asprintf() failed: %s\n", strerror(errno));
                        a->name = NULL;
                }
                data = a;
@@ -1073,7 +1230,7 @@ int ast_pthread_create_detached_stack(pthread_t *thread, pthread_attr_t *attr, v
        int res;
 
        if (!attr) {
-               attr = alloca(sizeof(*attr));
+               attr = ast_alloca(sizeof(*attr));
                pthread_attr_init(attr);
                attr_destroy = 1;
        }
@@ -1081,7 +1238,7 @@ int ast_pthread_create_detached_stack(pthread_t *thread, pthread_attr_t *attr, v
        if ((errno = pthread_attr_setdetachstate(attr, PTHREAD_CREATE_DETACHED)))
                ast_log(LOG_WARNING, "pthread_attr_setdetachstate: %s\n", strerror(errno));
 
-       res = ast_pthread_create_stack(thread, attr, start_routine, data, 
+       res = ast_pthread_create_stack(thread, attr, start_routine, data,
                                       stacksize, file, caller, line, start_fn);
 
        if (attr_destroy)
@@ -1152,7 +1309,7 @@ static int ast_wait_for_output(int fd, int timeoutms)
  * If the descriptor is blocking, all assumptions on the guaranteed
  * detail do not apply anymore.
  */
-int ast_carefulwrite(int fd, char *s, int len, int timeoutms) 
+int ast_carefulwrite(int fd, char *s, int len, int timeoutms)
 {
        struct timeval start = ast_tvnow();
        int res = 0;
@@ -1183,7 +1340,7 @@ int ast_carefulwrite(int fd, char *s, int len, int timeoutms)
 
                elapsed = ast_tvdiff_ms(ast_tvnow(), start);
                if (elapsed >= timeoutms) {
-                       /* We've taken too long to write 
+                       /* We've taken too long to write
                         * This is only an error condition if we haven't finished writing. */
                        res = len ? -1 : 0;
                        break;
@@ -1226,7 +1383,7 @@ int ast_careful_fwrite(FILE *f, int fd, const char *src, size_t len, int timeout
 
                elapsed = ast_tvdiff_ms(ast_tvnow(), start);
                if (elapsed >= timeoutms) {
-                       /* We've taken too long to write 
+                       /* We've taken too long to write
                         * This is only an error condition if we haven't finished writing. */
                        n = len ? -1 : 0;
                        break;
@@ -1350,6 +1507,26 @@ int ast_build_string(char **buffer, size_t *space, const char *fmt, ...)
        return result;
 }
 
+int ast_regex_string_to_regex_pattern(const char *regex_string, struct ast_str **regex_pattern)
+{
+       int regex_len = strlen(regex_string);
+       int ret = 3;
+
+       /* Chop off the leading / if there is one */
+       if ((regex_len >= 1) && (regex_string[0] == '/')) {
+               ast_str_set(regex_pattern, 0, "%s", regex_string + 1);
+               ret -= 2;
+       }
+
+       /* Chop off the ending / if there is one */
+       if ((regex_len > 1) && (regex_string[regex_len - 1] == '/')) {
+               ast_str_truncate(*regex_pattern, -1);
+               ret -= 1;
+       }
+
+       return ret;
+}
+
 int ast_true(const char *s)
 {
        if (ast_strlen_zero(s))
@@ -1431,10 +1608,33 @@ struct timeval ast_tvsub(struct timeval a, struct timeval b)
        }
        return a;
 }
-#undef ONE_MILLION
 
-/*! \brief glibc puts a lock inside random(3), so that the results are thread-safe.
- * BSD libc (and others) do not. */
+int ast_remaining_ms(struct timeval start, int max_ms)
+{
+       int ms;
+
+       if (max_ms < 0) {
+               ms = max_ms;
+       } else {
+               ms = max_ms - ast_tvdiff_ms(ast_tvnow(), start);
+               if (ms < 0) {
+                       ms = 0;
+               }
+       }
+
+       return ms;
+}
+
+void ast_format_duration_hh_mm_ss(int duration, char *buf, size_t length)
+{
+       int durh, durm, durs;
+       durh = duration / 3600;
+       durm = (duration % 3600) / 60;
+       durs = duration % 60;
+       snprintf(buf, length, "%02d:%02d:%02d", durh, durm, durs);
+}
+
+#undef ONE_MILLION
 
 #ifndef linux
 AST_MUTEX_DEFINE_STATIC(randomlock);
@@ -1443,7 +1643,7 @@ AST_MUTEX_DEFINE_STATIC(randomlock);
 long int ast_random(void)
 {
        long int res;
-#ifdef HAVE_DEV_URANDOM
+
        if (dev_urandom_fd >= 0) {
                int read_res = read(dev_urandom_fd, &res, sizeof(res));
                if (read_res > 0) {
@@ -1453,7 +1653,14 @@ long int ast_random(void)
                        return res % rm;
                }
        }
-#endif
+
+       /* XXX - Thread safety really depends on the libc, not the OS.
+        *
+        * But... popular Linux libc's (uClibc, glibc, eglibc), all have a
+        * somewhat thread safe random(3) (results are random, but not
+        * reproducible). The libc's for other systems (BSD, et al.), not so
+        * much.
+        */
 #ifdef linux
        res = random();
 #else
@@ -1464,9 +1671,18 @@ long int ast_random(void)
        return res;
 }
 
+void ast_replace_subargument_delimiter(char *s)
+{
+       for (; *s; s++) {
+               if (*s == '^') {
+                       *s = ',';
+               }
+       }
+}
+
 char *ast_process_quotes_and_slashes(char *start, char find, char replace_with)
 {
-       char *dataPut = start;
+       char *dataPut = start;
        int inEscape = 0;
        int inQuotes = 0;
 
@@ -1818,7 +2034,7 @@ void *__ast_calloc_with_stringfields(unsigned int num_structs, size_t struct_siz
        void *allocation;
        unsigned int x;
 
-#if defined(__AST_DEBUG_MALLOC)        
+#if defined(__AST_DEBUG_MALLOC)
        if (!(allocation = __ast_calloc(num_structs, size_to_alloc, file, lineno, func))) {
                return NULL;
        }
@@ -1925,7 +2141,7 @@ void ast_enable_packet_fragmentation(int sock)
 {
 #if defined(HAVE_IP_MTU_DISCOVER)
        int val = IP_PMTUDISC_DONT;
-       
+
        if (setsockopt(sock, IPPROTO_IP, IP_MTU_DISCOVER, &val, sizeof(val)))
                ast_log(LOG_WARNING, "Unable to disable PMTU discovery. Large UDP packets may fail to be delivered when sent from this socket.\n");
 #endif /* HAVE_IP_MTU_DISCOVER */
@@ -1937,7 +2153,7 @@ int ast_mkdir(const char *path, int mode)
        int len = strlen(path), count = 0, x, piececount = 0;
        char *tmp = ast_strdupa(path);
        char **pieces;
-       char *fullpath = alloca(len + 1);
+       char *fullpath = ast_alloca(len + 1);
        int res = 0;
 
        for (ptr = tmp; *ptr; ptr++) {
@@ -1946,7 +2162,7 @@ int ast_mkdir(const char *path, int mode)
        }
 
        /* Count the components to the directory path */
-       pieces = alloca(count * sizeof(*pieces));
+       pieces = ast_alloca(count * sizeof(*pieces));
        for (ptr = tmp; *ptr; ptr++) {
                if (*ptr == '/') {
                        *ptr = '\0';
@@ -1966,11 +2182,103 @@ int ast_mkdir(const char *path, int mode)
        return 0;
 }
 
+static int safe_mkdir(const char *base_path, char *path, int mode)
+{
+       RAII_VAR(char *, absolute_path, NULL, free);
+
+       absolute_path = realpath(path, NULL);
+
+       if (absolute_path) {
+               /* Path exists, but is it in the right place? */
+               if (!ast_begins_with(absolute_path, base_path)) {
+                       return EPERM;
+               }
+
+               /* It is in the right place! */
+               return 0;
+       } else {
+               /* Path doesn't exist. */
+
+               /* The slash terminating the subpath we're checking */
+               char *path_term = strchr(path, '/');
+               /* True indicates the parent path is within base_path */
+               int parent_is_safe = 0;
+               int res;
+
+               while (path_term) {
+                       RAII_VAR(char *, absolute_subpath, NULL, free);
+
+                       /* Truncate the path one past the slash */
+                       char c = *(path_term + 1);
+                       *(path_term + 1) = '\0';
+                       absolute_subpath = realpath(path, NULL);
+
+                       if (absolute_subpath) {
+                               /* Subpath exists, but is it safe? */
+                               parent_is_safe = ast_begins_with(
+                                       absolute_subpath, base_path);
+                       } else if (parent_is_safe) {
+                               /* Subpath does not exist, but parent is safe
+                                * Create it */
+                               res = mkdir(path, mode);
+                               if (res != 0) {
+                                       ast_assert(errno != EEXIST);
+                                       return errno;
+                               }
+                       } else {
+                               /* Subpath did not exist, parent was not safe
+                                * Fail! */
+                               errno = EPERM;
+                               return errno;
+                       }
+                       /* Restore the path */
+                       *(path_term + 1) = c;
+                       /* Move on to the next slash */
+                       path_term = strchr(path_term + 1, '/');
+               }
+
+               /* Now to build the final path, but only if it's safe */
+               if (!parent_is_safe) {
+                       errno = EPERM;
+                       return errno;
+               }
+
+               res = mkdir(path, mode);
+               if (res != 0 && errno != EEXIST) {
+                       return errno;
+               }
+
+               return 0;
+       }
+}
+
+int ast_safe_mkdir(const char *base_path, const char *path, int mode)
+{
+       RAII_VAR(char *, absolute_base_path, NULL, free);
+       RAII_VAR(char *, p, NULL, ast_free);
+
+       if (base_path == NULL || path == NULL) {
+               errno = EFAULT;
+               return errno;
+       }
+
+       p = ast_strdup(path);
+       if (p == NULL) {
+               errno = ENOMEM;
+               return errno;
+       }
+
+       absolute_base_path = realpath(base_path, NULL);
+       if (absolute_base_path == NULL) {
+               return errno;
+       }
+
+       return safe_mkdir(absolute_base_path, p, mode);
+}
+
 int ast_utils_init(void)
 {
-#ifdef HAVE_DEV_URANDOM
        dev_urandom_fd = open("/dev/urandom", O_RDONLY);
-#endif
        base64_init();
 #ifdef DEBUG_THREADS
 #if !defined(LOW_MEMORY)
@@ -2154,3 +2462,35 @@ char *ast_utils_which(const char *binary, char *fullpath, size_t fullpath_size)
        return NULL;
 }
 
+void ast_do_crash(void)
+{
+#if defined(DO_CRASH)
+       abort();
+       /*
+        * Just in case abort() doesn't work or something else super
+        * silly, and for Qwell's amusement.
+        */
+       *((int *) 0) = 0;
+#endif /* defined(DO_CRASH) */
+}
+
+#if defined(AST_DEVMODE)
+void __ast_assert_failed(int condition, const char *condition_str, const char *file, int line, const char *function)
+{
+       /*
+        * Attempt to put it into the logger, but hope that at least
+        * someone saw the message on stderr ...
+        */
+       ast_log(__LOG_ERROR, file, line, function, "FRACK!, Failed assertion %s (%d)\n",
+               condition_str, condition);
+       fprintf(stderr, "FRACK!, Failed assertion %s (%d) at line %d in %s of %s\n",
+               condition_str, condition, line, function, file);
+       /*
+        * Give the logger a chance to get the message out, just in case
+        * we abort(), or Asterisk crashes due to whatever problem just
+        * happened after we exit ast_assert().
+        */
+       usleep(1);
+       ast_do_crash();
+}
+#endif /* defined(AST_DEVMODE) */