[asterisk-bugs] [Asterisk 0017636]: Manager GetVar on unset variable causes segfault
Asterisk Bug Tracker
noreply at bugs.digium.com
Fri Jul 16 13:04:11 CDT 2010
A NOTE has been added to this issue.
======================================================================
https://issues.asterisk.org/view.php?id=17636
======================================================================
Reported By: bklang
Assigned To:
======================================================================
Project: Asterisk
Issue ID: 17636
Category: Core/ManagerInterface
Reproducibility: always
Severity: crash
Priority: normal
Status: acknowledged
Asterisk Version: SVN
JIRA: SWP-1847
Regression: No
Reviewboard Link:
SVN Branch (only for SVN checkouts, not tarball releases): 1.6.2
SVN Revision (number only!): 275996
Request Review:
======================================================================
Date Submitted: 2010-07-13 13:02 CDT
Last Modified: 2010-07-16 13:04 CDT
======================================================================
Summary: Manager GetVar on unset variable causes segfault
Description:
This appears to be the same type of bug as reported by me previously.
GetVar on a channel variable that is not set causes a vsnprintf() with a
null argument in a string field. On OpenSolaris, this causes a segfault.
(gdb) bt
https://issues.asterisk.org/view.php?id=0 0xce8a47a0 in countbytes () from
/usr/lib/libc.so.1
https://issues.asterisk.org/view.php?id=1 0xce8f0793 in _ndoprnt () from
/usr/lib/libc.so.1
https://issues.asterisk.org/view.php?id=2 0xce8f31bd in vsnprintf () from
/usr/lib/libc.so.1
https://issues.asterisk.org/view.php?id=3 0x0813639d in __ast_str_helper
(buf=0xca74d13c, max_len=0, append=0,
fmt=0x817897c "Variable: %s\r\nValue: %s\r\n\r\n", ap=0xca74d15c
"Z####)
at strings.c:72
https://issues.asterisk.org/view.php?id=4 0x080eab0c in astman_append
(s=0xca74df64,
fmt=0x817897c "Variable: %s\r\nValue: %s\r\n\r\n") at strings.h:767
https://issues.asterisk.org/view.php?id=5 0x080ed302 in action_getvar
(s=0xca74df64, m=0xca74dd24) at
manager.c:1925
https://issues.asterisk.org/view.php?id=6 0x080f0be6 in process_message
(s=0xca74df64, m=0xca74dd24)
at manager.c:3069
https://issues.asterisk.org/view.php?id=7 0x080f11c4 in do_message
(s=0xca74df64) at manager.c:3189
https://issues.asterisk.org/view.php?id=8 0x080f13fc in session_do
(data=0x88544c8) at manager.c:3261
https://issues.asterisk.org/view.php?id=9 0x08141535 in dummy_start (data=0x0)
at utils.c:968
https://issues.asterisk.org/view.php?id=10 0xce92cd66 in _thrp_setup () from
/usr/lib/libc.so.1
https://issues.asterisk.org/view.php?id=11 0xce92cff0 in __csigsetjmp () from
/usr/lib/libc.so.1
https://issues.asterisk.org/view.php?id=12 0x00000000 in ?? ()
======================================================================
Relationships ID Summary
----------------------------------------------------------------------
related to 0016689 [patch] Crash in res_agi when trying to...
related to 0016504 Segfault in res_agi with no second para...
related to 0017087 [patch] Segfault in manager event after...
======================================================================
----------------------------------------------------------------------
(0124626) svnbot (reporter) - 2010-07-16 13:04
https://issues.asterisk.org/view.php?id=17636#c124626
----------------------------------------------------------------------
Repository: asterisk
Revision: 277261
U branches/1.4/main/manager.c
------------------------------------------------------------------------
r277261 | tilghman | 2010-07-16 13:04:10 -0500 (Fri, 16 Jul 2010) | 5
lines
If variable gotten is not set, will segfault on Solaris.
(closes issue https://issues.asterisk.org/view.php?id=17636)
Reported by: bklang
------------------------------------------------------------------------
http://svn.digium.com/view/asterisk?view=rev&revision=277261
Issue History
Date Modified Username Field Change
======================================================================
2010-07-16 13:04 svnbot Checkin
2010-07-16 13:04 svnbot Note Added: 0124626
======================================================================
More information about the asterisk-bugs
mailing list