[asterisk-bugs] [Asterisk 0012372]: chan_sip.c: realtime_peer function make crash on version 1.4.19 and 1.6.0Beta7.1
noreply at bugs.digium.com
noreply at bugs.digium.com
Sat Apr 5 12:16:29 CDT 2008
The following issue has been RESOLVED.
======================================================================
http://bugs.digium.com/view.php?id=12372
======================================================================
Reported By: tecnoxarxa
Assigned To: file
======================================================================
Project: Asterisk
Issue ID: 12372
Category: Channels/chan_sip/General
Reproducibility: always
Severity: crash
Priority: normal
Status: resolved
Asterisk Version: 1.4.19
SVN Branch (only for SVN checkouts, not tarball releases): N/A
SVN Revision (number only!):
Disclaimer on File?: N/A
Request Review:
Resolution: duplicate
Duplicate: 12362
Fixed in Version:
======================================================================
Date Submitted: 04-05-2008 11:38 CDT
Last Modified: 04-05-2008 12:16 CDT
======================================================================
Summary: chan_sip.c: realtime_peer function make crash on
version 1.4.19 and 1.6.0Beta7.1
Description:
This is my problem (1.4.19):
Core was generated by `/usr/sbin/asterisk -f -p -g -c'.
Program terminated with signal 11, Segmentation fault.
http://bugs.digium.com/view.php?id=0 0xb7653a80 in realtime_peer
(newpeername=0xbfede360 "Tecnoxarxa0",
sin=0x0) at chan_sip.c:2547
2547 if (!(hp =
ast_gethostbyname(tmp->value, &ahp)) || (memcmp(&hp->h_addr,
&sin->sin_addr, sizeof(hp->h_addr)))) {
(gdb) bt
http://bugs.digium.com/view.php?id=0 0xb7653a80 in realtime_peer
(newpeername=0xbfede360 "Tecnoxarxa0",
sin=0x0) at chan_sip.c:2547
http://bugs.digium.com/view.php?id=1 0xb7654585 in find_peer (peer=0xbfede360
"Tecnoxarxa0", sin=0x0,
realtime=1) at chan_sip.c:2676
http://bugs.digium.com/view.php?id=2 0xb76967ad in sip_devicestate
(data=0xbfede804) at chan_sip.c:15896
http://bugs.digium.com/view.php?id=3 0x080a0a5a in ast_device_state
(device=0xbfede894 "SIP/Tecnoxarxa0")
at devicestate.c:170
http://bugs.digium.com/view.php?id=4 0x080d4aa1 in ast_extension_state2
(e=0x84bd618) at pbx.c:1931
http://bugs.digium.com/view.php?id=5 0x080d5519 in ast_add_hint (e=0x84bd618)
at pbx.c:2209
http://bugs.digium.com/view.php?id=6 0x080dc4eb in ast_add_extension2
(con=0x84bd3d0, replace=0,
extension=0xbfedfa14 "200", priority=-1, label=0x0, callerid=0x0,
application=0x841cb69 "SIP/Tecnoxarxa0", data=0x841cbf0, datad=0xb71c0398
<ast_free>,
registrar=0xb71c8363 "pbx_config") at pbx.c:4869
http://bugs.digium.com/view.php?id=7 0xb71c75af in pbx_load_config
(config_file=0xb71c8353
"extensions.conf") at pbx_config.c:2306
http://bugs.digium.com/view.php?id=8 0xb71c811f in pbx_load_module () at
pbx_config.c:2453
http://bugs.digium.com/view.php?id=9 0xb71c81a6 in load_module () at
pbx_config.c:2470
http://bugs.digium.com/view.php?id=10 0x080bfd2d in load_resource
(resource_name=0x81bdef8 "pbx_config.so",
global_symbols_only=0) at loader.c:680
http://bugs.digium.com/view.php?id=11 0x080c05d3 in load_modules
(preload_only=0) at loader.c:874
http://bugs.digium.com/view.php?id=12 0x08072fc1 in main (argc=5,
argv=0xbfee0444) at asterisk.c:2965
http://bugs.digium.com/view.php?id=13 0xb7df8ea8 in __libc_start_main () from
/lib/tls/libc.so.6
http://bugs.digium.com/view.php?id=14 0x08057d51 in ?? () at
../sysdeps/i386/elf/start.S:119
This is a 1.4.18.1 version for this funcion working perfectly:
static struct sip_peer *realtime_peer(const char *newpeername, struct
sockaddr_in *sin)
....
if (var) {
for (tmp = var; tmp; tmp = tmp->next) {
if (!strcasecmp(var->name, "host")) {
struct in_addr sin2;
struct ast_dnsmgr_entry *dnsmgr = NULL;
memset(&sin2, 0, sizeof(sin2));
if ((ast_dnsmgr_lookup(tmp->value, &sin2, &dnsmgr)
< 0) || (memcmp(&sin2, &sin->sin_addr, sizeof(sin2)) != 0)) {
/* No match */
ast_variables_destroy(var);
var = NULL;
}
break;
}
}
}
....
And this is a 1.4.19 version extract:
static struct sip_peer *realtime_peer(const char *newpeername, struct
sockaddr_in *sin)
....
if (var) {
for (tmp = var; tmp; tmp = tmp->next) {
if (!strcasecmp(tmp->name, "host")) {
struct hostent *hp;
struct ast_hostent ahp;
if (!(hp = ast_gethostbyname(tmp->value, &ahp)) ||
(memcmp(&hp->h_addr, &sin->sin_addr, sizeof(hp->h_addr)))) {
/* No match */
ast_variables_destroy(var);
var = NULL;
}
break;
}
}
}
....
I think the problem is this new line:
if (!(hp = ast_gethostbyname(tmp->value, &ahp)) || (memcmp(&hp->h_addr,
&sin->sin_addr, sizeof(hp->h_addr))))
This is a bug ? What is the best solution ?
I was changed this line only:
if (!strcasecmp(var->name, "host")) {
Prior was:
if (!strcasecmp(tmp->name, "host")) {
this is an ok solution ?
======================================================================
Relationships ID Summary
----------------------------------------------------------------------
duplicate of 0012362 Asterisk crashes everytime i try to dia...
======================================================================
----------------------------------------------------------------------
file - 04-05-08 12:16
----------------------------------------------------------------------
This is a duplicate of issue 12362. Please follow progress there and try
the patch.
Issue History
Date Modified Username Field Change
======================================================================
04-05-08 12:16 file Duplicate ID 0 => 12362
04-05-08 12:16 file Status new => resolved
04-05-08 12:16 file Resolution open => duplicate
04-05-08 12:16 file Assigned To => file
04-05-08 12:16 file Note Added: 0085042
======================================================================
More information about the asterisk-bugs
mailing list