[asterisk-bugs] [Asterisk 0019350]: [patch] Crash in chan_sip -- sip_setoption()

Asterisk Bug Tracker noreply at bugs.digium.com
Mon May 23 20:32:14 CDT 2011 

A NOTE has been added to this issue. 
====================================================================== 
https://issues.asterisk.org/view.php?id=19350 
====================================================================== 
Reported By:                kobaz
Assigned To:                
====================================================================== 
Project:                    Asterisk
Issue ID:                   19350
Category:                   Channels/chan_sip/General
Reproducibility:            sometimes
Severity:                   crash
Priority:                   normal
Status:                     new
Asterisk Version:           1.8.4 
JIRA:                        
Regression:                 No 
Reviewboard Link:            
SVN Branch (only for SVN checkouts, not tarball releases): N/A 
SVN Revision (number only!):  
Request Review:              
====================================================================== 
Date Submitted:             2011-05-23 17:00 CDT
Last Modified:              2011-05-23 20:32 CDT
====================================================================== 
Summary:                    [patch] Crash in chan_sip -- sip_setoption()
Description: 
If the sip private structure is null, sip_setoption() will defref the null
pointer and crash.

I don't know what the exact fix would be, but a stopgap would prevent a
crash here.

Possibly all the operations on sip private structures should check their
pointer first?
====================================================================== 

---------------------------------------------------------------------- 
 (0135318) kobaz (developer) - 2011-05-23 20:32
 https://issues.asterisk.org/view.php?id=19350#c135318 
---------------------------------------------------------------------- 
I can't tell for certain, but it looks very similar.  It's difficult to
tell 100% because in the other issue there's no output of what the pointer
is for the sip private structure.  If I were to take a wild guess, I would
say it's probably the same crash.  I'll mark it as related.

Try this patch to see if it fixes the issue noted in 0018732. 

Issue History 
Date Modified    Username       Field                    Change               
====================================================================== 
2011-05-23 20:32 kobaz          Note Added: 0135318                          
======================================================================

More information about the asterisk-bugs mailing list