[asterisk-bugs] [Asterisk 0015786]: asterisk 1.6.2.0-beta4 crash when including nonexistent file from /etc/asterisk/manager.conf
Asterisk Bug Tracker
noreply at bugs.digium.com
Thu Aug 27 14:20:18 CDT 2009
A NOTE has been added to this issue.
======================================================================
https://issues.asterisk.org/view.php?id=15786
======================================================================
Reported By: a_villacis
Assigned To:
======================================================================
Project: Asterisk
Issue ID: 15786
Category: Core/ManagerInterface
Reproducibility: always
Severity: crash
Priority: normal
Status: new
Asterisk Version: 1.6.2.0-beta4
Regression: No
SVN Branch (only for SVN checkouts, not tarball releases): N/A
SVN Revision (number only!):
Request Review:
======================================================================
Date Submitted: 2009-08-27 14:18 CDT
Last Modified: 2009-08-27 14:20 CDT
======================================================================
Summary: asterisk 1.6.2.0-beta4 crash when including
nonexistent file from /etc/asterisk/manager.conf
Description:
If /etc/asterisk/manager.conf #includes a file that does not exist,
asterisk will crash instead of continuing gracefully or logging the issue
and exiting.
To reproduce:
Compile and install asterisk-1.6.2.0-beta4
Edit /etc/asterisk/manager.conf to #include any filename that does not
exist.
(Re)start asterisk.
Expected result:
asterisk should either log the issue and continue, or exit gracefully with
the logged issue.
Actual result:
SIGSEGV
When run from valgrind, the following is reported right before the crash:
==17755==
==17755== Invalid read of size 8
==17755== at 0x456319: ast_variable_browse (config.c:400)
==17755== by 0x4987EE: __init_manager (manager.c:4111)
==17755== by 0x431AA9: main (asterisk.c:3600)
==17755== Address 0x16 is not stack'd, malloc'd or (recently) free'd
When run under gdb, asterisk shows this:
Program received signal SIGSEGV, Segmentation fault.
0x0000000000456319 in ast_variable_browse (config=0xfffffffffffffffe,
category=0x517d06 "general") at config.c:400
400 if (category && config->last_browse && (config->last_browse->name ==
category)) {
(gdb) bt
https://issues.asterisk.org/view.php?id=0 0x0000000000456319 in
ast_variable_browse (config=0xfffffffffffffffe,
category=0x517d06 "general") at config.c:400
https://issues.asterisk.org/view.php?id=1 0x00000000004987ef in __init_manager
(reload=<value optimized out>) at
manager.c:4111
https://issues.asterisk.org/view.php?id=2 0x0000000000431aaa in main
(argc=<value optimized out>,
argv=0x7fff11d93348) at asterisk.c:3600
(gdb) bt full
https://issues.asterisk.org/view.php?id=0 0x0000000000456319 in
ast_variable_browse (config=0xfffffffffffffffe,
category=0x517d06 "general") at config.c:400
cat = <value optimized out>
https://issues.asterisk.org/view.php?id=1 0x00000000004987ef in __init_manager
(reload=<value optimized out>) at
manager.c:4111
ucfg = <value optimized out>
cfg = (struct ast_config *) 0xfffffffffffffffe
val = <value optimized out>
cat = <value optimized out>
newhttptimeout = <value optimized out>
have_sslbindaddr = 0
hp = <value optimized out>
ahp = {hp = {h_name = 0x0, h_aliases = 0x0, h_addrtype = 0, h_length = 0,
h_addr_list = 0x0},
buf = '\0' <repeats 589 times>, "%\000\000\000\000*", '\0' <repeats 48
times>, "[\000]", '\0' <repeats 29 times>, "{|}", '\0' <repeats 130 times>,
"\\\fE", '\0' <repeats 29 times>, "@\207v", '\0' <repeats 53 times>, "core
show channeltype", '\0' <repeats 68 times>,
"?\t\000\000?`M\000\000\000\000\000\000\000\000?\210v\000\000\000\000\000\002",
'\0' <repeats 14 times>}
user = <value optimized out>
var = <value optimized out>
config_flags = <value optimized out>
__PRETTY_FUNCTION__ = "__init_manager"
https://issues.asterisk.org/view.php?id=2 0x0000000000431aaa in main
(argc=<value optimized out>,
argv=0x7fff11d93348) at asterisk.c:3600
c = <value optimized out>
filename = "/root/.asterisk_history", '\0' <repeats 56 times>
hostname = "rpmbuild64-2.elastix.palosanto.com", '\0' <repeats 29 times>
tmp =
"\001\000\000\000\000\000\000\000?\031?U:\000\000\000?1?\021?\177\000\000 at 5?\001\000\000\000\000??\001\000\000\000\000\000)\000\000\000\000\000\000\000?\031?U:\000\000\000?<?U:\000\000\000\2201?\021?\177\000\000\2211?\021?\177\000"
xarg = 0x0
x = <value optimized out>
f = <value optimized out>
sigs = {__val = {134238211, 0 <repeats 15 times>}}
num = 58
buf = <value optimized out>
runuser = 0x0
rungroup = 0x0
remotesock = 0x0
__PRETTY_FUNCTION__ = "main"
__func__ = "main"
(gdb)
======================================================================
----------------------------------------------------------------------
(0109749) a_villacis (reporter) - 2009-08-27 14:20
https://issues.asterisk.org/view.php?id=15786#c109749
----------------------------------------------------------------------
FreePBX creates a manager.conf file that #includes a
manager_additional.conf file that does not exist. Therefore, using FreePBX
with this version of asterisk is likely to crash asterisk as shown above.
Issue History
Date Modified Username Field Change
======================================================================
2009-08-27 14:20 a_villacis Note Added: 0109749
======================================================================
More information about the asterisk-bugs
mailing list