[asterisk-bugs] [Asterisk 0019192]: [patch] [regression] segfault in _sip_tcp_helper_thread() caused by bad merge in r314628
Asterisk Bug Tracker
noreply at bugs.digium.com
Fri May 13 11:07:05 CDT 2011
A NOTE has been added to this issue.
======================================================================
https://issues.asterisk.org/view.php?id=19192
======================================================================
Reported By: stknob
Assigned To:
======================================================================
Project: Asterisk
Issue ID: 19192
Category: Channels/chan_sip/General
Reproducibility: always
Severity: block
Priority: normal
Status: ready for testing
Target Version: 1.8.5
Asterisk Version: 1.8.3.3
JIRA: SWP-3390
Regression: Yes
Reviewboard Link:
SVN Branch (only for SVN checkouts, not tarball releases): N/A
SVN Revision (number only!):
Request Review:
======================================================================
Date Submitted: 2011-04-27 11:43 CDT
Last Modified: 2011-05-13 11:07 CDT
======================================================================
Summary: [patch] [regression] segfault in
_sip_tcp_helper_thread() caused by bad merge in r314628
Description:
This happens if ast_tcptls_session_start() in _sip_tcp_helper_thread() on
line 2506 in chan_sip.c fails (returns NULL).

To reproduce,
- create a tcp sip peer that can not be reached (e.g. blocked by
  firewall)
- use sip qualify peer X (or set qualify=yes in sip.conf)

chan_sip will try to create the connection by calling
ast_tcptls_session_start().
the connection fails and ast_tcptls_session_start() returns NULL:

    if ((!(ca = tcptls_session->parent)) ||
        (!(me = ao2_t_find(threadt, &tmp, OBJ_POINTER, "ao2_find, getting sip_threadinfo in tcp helper thread"))) ||
        (!(tcptls_session = ast_tcptls_client_start(tcptls_session)))) {
        goto cleanup;
    }

setting tcptls_session to NULL and jumping to cleanup:

    cleanup:
        if (!tcptls_session->client && !authenticated) {
            ast_atomic_fetchadd_int(&unauth_sessions, -1);
        }

*boom*

asterisk[8204]: segfault at 18 ip 00007f497d4499f0 sp 00007f4966ef5450
error 4 in chan_sip.so[7f497d3c7000+a6000]
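
The failure pattern described above, reduced to a self-contained C model. This is an added example, not Asterisk source and not the patch attached to this issue. struct session, client_start(), helper_buggy() and helper_guarded() are hypothetical stand-ins; the guarded variant shows one way to avoid the dereference, by reading the client flag before the pointer can be overwritten.

```c
#include <stddef.h>

/* Constructed stand-ins for the chan_sip session and counter; not Asterisk code. */
struct session { int client; };   /* 1 = outgoing (client) connection */
static int unauth_sessions;

/* Hypothetical connect step: returns NULL when the peer is unreachable. */
static struct session *client_start(struct session *s, int reachable)
{
    return reachable ? s : NULL;
}

/* Pattern from the report: a failed start overwrites s with NULL,
 * then cleanup dereferences s. Crashes when reachable == 0. */
int helper_buggy(struct session *s, int reachable, int auth_ok)
{
    int authenticated = 0;

    if (s->client && !(s = client_start(s, reachable))) {
        goto cleanup;
    }
    authenticated = auth_ok;
cleanup:
    if (!s->client && !authenticated) {   /* NULL dereference here */
        unauth_sessions--;
    }
    return unauth_sessions;
}

/* Guarded variant (assumed fix): cleanup uses a flag captured while s was valid. */
int helper_guarded(struct session *s, int reachable, int auth_ok)
{
    int authenticated = 0;
    int is_client = s->client;

    if (is_client && !(s = client_start(s, reachable))) {
        goto cleanup;
    }
    authenticated = auth_ok;
cleanup:
    if (!is_client && !authenticated) {
        unauth_sessions--;
    }
    return unauth_sessions;
}
```

Calling helper_buggy() with a client session and reachable set to 0 reproduces the NULL dereference; helper_guarded() leaves the counter untouched in that case because an outgoing session was never counted as unauthenticated.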
======================================================================
Relationships ID Summary
----------------------------------------------------------------------
duplicate of 0019272 [patch] remote authenticated asterisk D...
related to 0019282 [crash] SegFault / TCP enabled in _sip_...
has duplicate 0019290 Asterisk Crashing
======================================================================
----------------------------------------------------------------------
(0134905) seanbright (manager) - 2011-05-13 11:07
https://issues.asterisk.org/view.php?id=19192#c134905
----------------------------------------------------------------------
vois: try the new patch (10-tcptls-unreachable-peer-segfault-1.8.4.patch)
that I attached. It's the same except for it should apply cleanly.
Whoever ends up committing this, make sure Chainsaw is credited for the
patch and not me.
Issue History
Date Modified Username Field Change
======================================================================
2011-05-13 11:07 seanbright Note Added: 0134905
======================================================================