[asterisk-bugs] [Asterisk 0015786]: [patch] asterisk 1.6.2.0-beta4 crash when including nonexistent file from /etc/asterisk/manager.conf

Asterisk Bug Tracker noreply at bugs.digium.com
Thu Aug 27 16:28:14 CDT 2009


A NOTE has been added to this issue. 
====================================================================== 
https://issues.asterisk.org/view.php?id=15786 
====================================================================== 
Reported By:                a_villacis
Assigned To:                tilghman
====================================================================== 
Project:                    Asterisk
Issue ID:                   15786
Category:                   Core/ManagerInterface
Reproducibility:            always
Severity:                   crash
Priority:                   normal
Status:                     closed
Asterisk Version:           1.6.2.0-beta4 
Regression:                 No 
SVN Branch (only for SVN checkouts, not tarball releases): N/A 
SVN Revision (number only!):  
Request Review:              
Resolution:                 fixed
Fixed in Version:           
====================================================================== 
Date Submitted:             2009-08-27 14:18 CDT
Last Modified:              2009-08-27 16:28 CDT
====================================================================== 
Summary:                    [patch] asterisk 1.6.2.0-beta4 crash when including
nonexistent file from /etc/asterisk/manager.conf
Description: 
If /etc/asterisk/manager.conf #includes a file that does not exist,
asterisk will crash instead of continuing gracefully or logging the issue
and exiting.

To reproduce:

Compile and install asterisk-1.6.2.0-beta4
Edit /etc/asterisk/manager.conf to #include any filename that does not
exist.
(Re)start asterisk.

Expected result:
asterisk should either log the issue and continue, or exit gracefully with
the logged issue.

Actual result:
SIGSEGV

When run from valgrind, the following is reported right before the crash:


==17755== 
==17755== Invalid read of size 8
==17755==    at 0x456319: ast_variable_browse (config.c:400)
==17755==    by 0x4987EE: __init_manager (manager.c:4111)
==17755==    by 0x431AA9: main (asterisk.c:3600)
==17755==  Address 0x16 is not stack'd, malloc'd or (recently) free'd

When run under gdb, asterisk shows this:

Program received signal SIGSEGV, Segmentation fault.
0x0000000000456319 in ast_variable_browse (config=0xfffffffffffffffe,
category=0x517d06 "general") at config.c:400
400		if (category && config->last_browse && (config->last_browse->name ==
category)) {
(gdb) bt
https://issues.asterisk.org/view.php?id=0  0x0000000000456319 in
ast_variable_browse (config=0xfffffffffffffffe,
category=0x517d06 "general") at config.c:400
https://issues.asterisk.org/view.php?id=1  0x00000000004987ef in __init_manager
(reload=<value optimized out>) at
manager.c:4111
https://issues.asterisk.org/view.php?id=2  0x0000000000431aaa in main
(argc=<value optimized out>,
argv=0x7fff11d93348) at asterisk.c:3600
(gdb) bt full
https://issues.asterisk.org/view.php?id=0  0x0000000000456319 in
ast_variable_browse (config=0xfffffffffffffffe,
category=0x517d06 "general") at config.c:400
	cat = <value optimized out>
https://issues.asterisk.org/view.php?id=1  0x00000000004987ef in __init_manager
(reload=<value optimized out>) at
manager.c:4111
	ucfg = <value optimized out>
	cfg = (struct ast_config *) 0xfffffffffffffffe
	val = <value optimized out>
	cat = <value optimized out>
	newhttptimeout = <value optimized out>
	have_sslbindaddr = 0
	hp = <value optimized out>
	ahp = {hp = {h_name = 0x0, h_aliases = 0x0, h_addrtype = 0, h_length = 0,
h_addr_list = 0x0}, 
  buf = '\0' <repeats 589 times>, "%\000\000\000\000*", '\0' <repeats 48
times>, "[\000]", '\0' <repeats 29 times>, "{|}", '\0' <repeats 130 times>,
"\\\fE", '\0' <repeats 29 times>, "@\207v", '\0' <repeats 53 times>, "core
show channeltype", '\0' <repeats 68 times>,
"?\t\000\000?`M\000\000\000\000\000\000\000\000?\210v\000\000\000\000\000\002",
'\0' <repeats 14 times>}
	user = <value optimized out>
	var = <value optimized out>
	config_flags = <value optimized out>
	__PRETTY_FUNCTION__ = "__init_manager"
https://issues.asterisk.org/view.php?id=2  0x0000000000431aaa in main
(argc=<value optimized out>,
argv=0x7fff11d93348) at asterisk.c:3600
	c = <value optimized out>
	filename = "/root/.asterisk_history", '\0' <repeats 56 times>
	hostname = "rpmbuild64-2.elastix.palosanto.com", '\0' <repeats 29 times>
	tmp =
"\001\000\000\000\000\000\000\000?\031?U:\000\000\000?1?\021?\177\000\000 at 5?\001\000\000\000\000??\001\000\000\000\000\000)\000\000\000\000\000\000\000?\031?U:\000\000\000?<?U:\000\000\000\2201?\021?\177\000\000\2211?\021?\177\000"
	xarg = 0x0
	x = <value optimized out>
	f = <value optimized out>
	sigs = {__val = {134238211, 0 <repeats 15 times>}}
	num = 58
	buf = <value optimized out>
	runuser = 0x0
	rungroup = 0x0
	remotesock = 0x0
	__PRETTY_FUNCTION__ = "main"
	__func__ = "main"
(gdb) 


====================================================================== 

---------------------------------------------------------------------- 
 (0109754) svnbot (reporter) - 2009-08-27 16:28
 https://issues.asterisk.org/view.php?id=15786#c109754 
---------------------------------------------------------------------- 
Repository: asterisk
Revision: 214515

_U  branches/1.6.2/
U   branches/1.6.2/main/manager.c

------------------------------------------------------------------------
r214515 | tilghman | 2009-08-27 16:28:14 -0500 (Thu, 27 Aug 2009) | 14
lines

Merged revisions 214514 via svnmerge from 
https://origsvn.digium.com/svn/asterisk/trunk

........
  r214514 | tilghman | 2009-08-27 16:26:37 -0500 (Thu, 27 Aug 2009) | 7
lines
  
  Ensure that we check for the special value CONFIG_STATUS_FILEINVALID.
  (closes issue https://issues.asterisk.org/view.php?id=15786)
   Reported by: a_villacis
   Patches: 
        
asterisk-1.6.2.0-beta4-manager-fix-crash-on-include-nonexistent-file.patch
uploaded by a villacis (license 660)
         (Plus a few of my own, to catch the remaining places within
manager.c where it could have been a problem)
........

------------------------------------------------------------------------

http://svn.digium.com/view/asterisk?view=rev&revision=214515 

Issue History 
Date Modified    Username       Field                    Change               
====================================================================== 
2009-08-27 16:28 svnbot         Checkin                                      
2009-08-27 16:28 svnbot         Note Added: 0109754                          
======================================================================




More information about the asterisk-bugs mailing list