[asterisk-bugs] [Asterisk 0011183]: Segfault on Action: Command / Command: core show channels concise

noreply at bugs.digium.com noreply at bugs.digium.com
Wed Nov 7 08:24:53 CST 2007 

A NOTE has been added to this issue. 
====================================================================== 
http://bugs.digium.com/view.php?id=11183 
====================================================================== 
Reported By:                arnd
Assigned To:                
====================================================================== 
Project:                    Asterisk
Issue ID:                   11183
Category:                   Core/ManagerInterface
Reproducibility:            always
Severity:                   crash
Priority:                   normal
Status:                     new
Asterisk Version:            1.4.11  
SVN Branch (only for SVN checkouts, not tarball releases): N/A  
SVN Revision (number only!):  
Disclaimer on File?:        N/A 
Request Review:              
====================================================================== 
Date Submitted:             11-07-2007 07:47 CST
Last Modified:              11-07-2007 08:24 CST
====================================================================== 
Summary:                    Segfault on Action: Command / Command: core show
channels concise
Description: 
Following Command generates a Segfault under certain conditions:

Action: Command
Command: core show channels concise

Reason:
The Command returns among other things the current Application and
Application Data of all Channels. If inside the Application Data are
combinations like "%i" used, Asterisk crashes with segfault.

Through looking inside the Code, i;ve found, that after the Data has been
collected, the Function astman_append is called, to add the Data to the
Managment Answer Packet. 
Inside astmam_append ast_dynamic_str_thread_set_va is called which in Turn
is using the Systemlibarycall vsnprintf.
vsnprintf is then trying to substitute the %-Patterns with Data from the
Stack, but the Stack is empty => Segvault.

====================================================================== 

---------------------------------------------------------------------- 
 ys - 11-07-07 08:24  
---------------------------------------------------------------------- 
Hm

my be
astman_append(s, S_OR(final_buf, buf));
need to be replaced to:
astman_append(s, "%s",  S_OR(final_buf, buf));

? 

Issue History 
Date Modified   Username       Field                    Change               
====================================================================== 
11-07-07 08:24  ys             Note Added: 0073300                          
======================================================================

More information about the asterisk-bugs mailing list