[Asterisk-bugs] [Asterisk 0010184]: Invalid memory reference crash in aji_handle_presence

noreply at bugs.digium.com noreply at bugs.digium.com
Mon Jul 16 16:32:02 CDT 2007


A NOTE has been added to this issue. 
====================================================================== 
http://bugs.digium.com/view.php?id=10184 
====================================================================== 
Reported By:                danmckeehan
Assigned To:                phsultan
====================================================================== 
Project:                    Asterisk
Issue ID:                   10184
Category:                   Resources/res_jabber
Reproducibility:            random
Severity:                   crash
Priority:                   normal
Status:                     assigned
Asterisk Version:            SVN 
SVN Branch (only for SVN checkouts, not tarball releases):  trunk 
SVN Revision (number only!): 74204 
Disclaimer on File?:        No 
Request Review:              
====================================================================== 
Date Submitted:             07-11-2007 15:22 CDT
Last Modified:              07-16-2007 16:32 CDT
====================================================================== 
Summary:                    Invalid memory reference crash in
aji_handle_presence
Description: 
I have had the following crash several times.  Crash is in res_jabber:
#7  0x0012bf8b in aji_handle_presence (client=Cannot access memory at address 0xb02b102c
) at res_jabber.c:1283
        status = Cannot access memory at address 0xb02b1018

1283                    if (!strcasecmp(tmp->resource, pak->from->resource)) {

(gdb) bt full
#0  0x005388f7 in strcasecmp () from /lib/libc.so.6
No symbol table info available.
#1  0x000000b0 in ?? ()
No symbol table info available.
#2  0x0000006c in ?? ()
No symbol table info available.
#3  0x00133130 in ?? () from /usr/lib/asterisk/modules/res_jabber.so
No symbol table info available.
#4  0x092b1024 in ?? ()
No symbol table info available.
#5  0x0913ae04 in ?? ()
No symbol table info available.
#6  0xb7d37e78 in ?? ()
No symbol table info available.
#7  0x0012bf8b in aji_handle_presence (client=Cannot access memory at address 0xb02b102c
) at res_jabber.c:1283
        status = Cannot access memory at address 0xb02b1018


(gdb) list res_jabber.c:1283
warning: Source file is more recent than executable.

1278            priority = atoi((iks_find_cdata(pak->x, "priority")) ? iks_find_cdata(pak->x, "priority") : "0");
1279            tmp = buddy->resources;
1280            descrip = ast_strdup(iks_find_cdata(pak->x,"status"));
1281
1282            while (tmp) {
1283                    if (!strcasecmp(tmp->resource, pak->from->resource)) {
1284                            tmp->status = status;
1285                            if (tmp->description) ast_free(tmp->description);
1286                            tmp->description = descrip;
1287                            found = tmp;

====================================================================== 

---------------------------------------------------------------------- 
 danmckeehan - 07-16-07 16:32  
---------------------------------------------------------------------- 
Got another crash with more info:

#0  0x00c24b79 in strcasecmp () from /lib/tls/libc.so.6
#1  0x002f58a1 in aji_handle_presence (client=0x8fffa80, pak=0x911320c) at res_jabber.c:1300
#2  0x002f6729 in aji_act_hook (data=0x8fffa80, type=1, node=0x91171f4) at res_jabber.c:728
#3  0x009c522f in tagHook (data=0x900064c, name=0x914c000 "presence", atts=0x0, type=1) at stream.c:281
#4  0x009c34fa in iks_parse (prs=0x900068c,
    data=0x9040700 "<presence from=\"redexpo at gmail.com/Talk.v93CC3FA0DC\" to=\"show2.nowlive.com at gmail.com\"><status>Skype ID: redexpo</status><priority>0</priority><c node=\"http://www.google.com/xmpp/client/caps\" ver=\"1.0.0"..., len=368, finish=0) at sax.c:323
#5  0x009c4cf4 in iks_recv (prs=0x900068c, timeout=1) at stream.c:471
#6  0x002f5154 in aji_recv_loop (data=0x8fffa80) at res_jabber.c:1658
#7  0x080ff2e5 in dummy_start (data=0xce23a0) at utils.c:546
#8  0x00d2a3cc in start_thread () from /lib/tls/libpthread.so.0
#9  0x00c82c3e in clone () from /lib/tls/libc.so.6

The line numbers are off because of some logging and various patches for
Google Talk.  Interestingly enough, this user is using the 1.0.0.93 version
of the client and pushes its presence every couple seconds. 

Issue History 
Date Modified   Username       Field                    Change               
====================================================================== 
07-16-07 16:32  danmckeehan    Note Added: 0067410                          
======================================================================



