[asterisk-bugs] [JIRA] (ASTERISK-21326) Segmentation fault on hangup in in ast_bridged_channel

Rusty Newton (JIRA) noreply at issues.asterisk.org
Wed Mar 27 20:16:03 CDT 2013 

Rusty Newton created ASTERISK-21326:
---------------------------------------

             Summary: Segmentation fault on hangup in in ast_bridged_channel
                 Key: ASTERISK-21326
                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-21326
             Project: Asterisk
          Issue Type: Bug
      Security Level: None
          Components: Core/Bridging
    Affects Versions: 11.0.1
         Environment: Ubuntu 10.04.2 
Kernel 2.6.38
            Reporter: German Becker


Function ast_bridged_channel in main/channel.c generates segmentation fault. It happens seldom, I couldn't reproduce, but I think it happens when releasing call at both channels at the same time, timing issue.

Here is the function:

{code}
struct ast_channel *ast_bridged_channel(struct ast_channel *chan)
{
        struct ast_channel *bridged;
        bridged = ast_channel_internal_bridged_channel(chan);
        if (bridged && ast_channel_tech(bridged)->bridged_channel)
                bridged = ast_channel_tech(bridged)->bridged_channel(chan, bridged);
        return bridged;
}
{code}

The segfault rises because bridged is not NULL, but ast_channel_tech(bridged) is NULL so the dereference produces a segfault. I'm not sure why it is null, but I think it is related to timing as said before. 
A possible fix would be to check that ast_channel_tech(bridged) is not null.
i.e:

{code}
struct ast_channel *ast_bridged_channel(struct ast_channel *chan)
{
        struct ast_channel *bridged;
        bridged = ast_channel_internal_bridged_channel(chan);
        if (bridged && ast_channel_tech(bridged) && 
           ast_channel_tech(bridged)->bridged_channel)
                bridged = ast_channel_tech(bridged)->bridged_channel(chan, bridged);
        return bridged;
}
{code}


--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.asterisk.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the asterisk-bugs mailing list