[asterisk-bugs] [Asterisk 0014217]: [patch] app_page causes undefined behavior when paging a page group with more than 128 extensions

Asterisk Bug Tracker noreply at bugs.digium.com
Tue Jan 13 18:12:03 CST 2009 

A NOTE has been added to this issue. 
====================================================================== 
http://bugs.digium.com/view.php?id=14217 
====================================================================== 
Reported By:                a_villacis
Assigned To:                otherwiseguy
====================================================================== 
Project:                    Asterisk
Issue ID:                   14217
Category:                   Applications/app_page
Reproducibility:            always
Severity:                   major
Priority:                   normal
Status:                     confirmed
Asterisk Version:           1.4.22 
Regression:                 No 
SVN Branch (only for SVN checkouts, not tarball releases): N/A 
SVN Revision (number only!):  
Disclaimer on File?:        N/A 
Request Review:              
====================================================================== 
Date Submitted:             2009-01-12 10:06 CST
Last Modified:              2009-01-13 18:12 CST
====================================================================== 
Summary:                    [patch] app_page causes undefined behavior when
paging a page group with more than 128 extensions
Description: 
When defining a paging group, if this group has more than 128 extensions,
an attempt to ring this paging group causes *all* calls (including those
belonging to extensions not part of the group) to be hung up. Analysis of
the root problem shows that a range of undefined behaviors can occur, up to
and including the crash of the Asterisk server.
====================================================================== 

---------------------------------------------------------------------- 
 (0097688) otherwiseguy (administrator) - 2009-01-13 18:12
 http://bugs.digium.com/view.php?id=14217#c97688 
---------------------------------------------------------------------- 
There are a couple of issues, I think.  First, I'm totally surprised that
paging 128 phones simultaneously works, wow!.  Second, I'm not sure
completely removing the upper limit on number of phones paged
simultaneously is a great idea, but the question is always where to draw
the line I suppose.  Third, the ast_malloc for the dial_list allocates too
much space, it is an array of pointers, not an array of struct ast_dials,
and since you are setting the pointer to NULL anyway, it would be better
to:

dial_list = ast_calloc(num_dials, sizeof(void *));

and get rid of the later initialization.

Anyway, this is something that obviously need to be fixed quickly, I may
go ahead and make some changes to the patch instead of waiting for it to be
edited.  Of course, the simple thing to do would be to just enforce the 128
call limit. 

Issue History 
Date Modified    Username       Field                    Change               
====================================================================== 
2009-01-13 18:12 otherwiseguy   Note Added: 0097688                          
======================================================================

More information about the asterisk-bugs mailing list