[asterisk-bugs] [Asterisk 0017365]: Race condition causes manager session event list to underflow causing null pointer de-ref and crash.
Asterisk Bug Tracker
noreply at bugs.digium.com
Tue Jun 1 11:41:04 CDT 2010
The following issue has been RESOLVED.
======================================================================
https://issues.asterisk.org/view.php?id=17365
======================================================================
Reported By: davidw
Assigned To: tilghman
======================================================================
Project: Asterisk
Issue ID: 17365
Category: Core/ManagerInterface
Reproducibility: sometimes
Severity: crash
Priority: normal
Status: resolved
Asterisk Version: SVN
JIRA:
Regression: No
Reviewboard Link:
SVN Branch (only for SVN checkouts, not tarball releases): 1.6.2
SVN Revision (number only!): 264112
Request Review:
Resolution: fixed
Fixed in Version:
======================================================================
Date Submitted: 2010-05-20 12:26 CDT
Last Modified: 2010-06-01 11:41 CDT
======================================================================
Summary: Race condition causes manager session event list to
underflow causing null pointer de-ref and crash.
Description:
There is a flaw in the reference count logic for events in manager.c which
means about once in the order of 100,000,000 events, the last event gets
purged, resulting in a trying to dereference a null last_ev pointer at:
0x0811b951 in process_events (s=0xb773819c) at manager.c:2685
2685 while ( (eqe = NEW_EVENT(s)) ) {
Scenario. Run Asterisk for long enough with a manager logged in and
events being generated.
Expect. Nothing untoward.
Get. Crash, as above.
======================================================================
Relationships ID Summary
----------------------------------------------------------------------
related to 0017234 [patch] Memory leak in manager.c
======================================================================
----------------------------------------------------------------------
(0122707) svnbot (reporter) - 2010-06-01 11:41
https://issues.asterisk.org/view.php?id=17365#c122707
----------------------------------------------------------------------
Repository: asterisk
Revision: 266682
U trunk/main/manager.c
------------------------------------------------------------------------
r266682 | tilghman | 2010-06-01 11:41:00 -0500 (Tue, 01 Jun 2010) | 16
lines
Eliminate stale manager events after a set interval, even if AMI clients
don't query for them.
Actions (or failures to act) by external clients should not cause memory
leaks
in Asterisk, especially when those continued leaks could cause Asterisk to
misbehave later.
(closes issue https://issues.asterisk.org/view.php?id=17234)
Reported by: mav3rick
Patches:
20100510__issue17234.diff.txt uploaded by tilghman (license 14)
20100517__issue17234__trunk.diff.txt uploaded by tilghman (license
14)
Tested by: mav3rick, davidw
(closes issue https://issues.asterisk.org/view.php?id=17365)
Reported by: davidw
------------------------------------------------------------------------
http://svn.digium.com/view/asterisk?view=rev&revision=266682
Issue History
Date Modified Username Field Change
======================================================================
2010-06-01 11:41 svnbot Checkin
2010-06-01 11:41 svnbot Note Added: 0122707
2010-06-01 11:41 svnbot Status ready for testing =>
assigned
2010-06-01 11:41 svnbot Assigned To => tilghman
2010-06-01 11:41 svnbot Status assigned => resolved
2010-06-01 11:41 svnbot Resolution open => fixed
======================================================================
More information about the asterisk-bugs
mailing list