[asterisk-bugs] [JIRA] (ASTERISK-22821) Asterisk 12-beta @r402448 pjsip sigsegv receiving SIP MESSAGE when checking Contact header
Kevin Harwell (JIRA)
noreply at issues.asterisk.org
Tue Nov 12 10:50:03 CST 2013
[ https://issues.asterisk.org/jira/browse/ASTERISK-22821?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=211696#comment-211696 ]
Kevin Harwell commented on ASTERISK-22821:
------------------------------------------
In the messaging case it is correct that the contact header should not be checked. Removing the offending code fixed the problem.
For the PJSIP_HEADER case it was attempting to dereference a null private channel tech pointer. I put in some null checks to guard against this.
However, since this bug was found alongside the messaging bug, I suspect you were attempting to use the PJSIP_HEADER dialplan function to set items before calling the "MessageSend" application. Since these messages are "out of dialog" there is no associated channel technology, so the PJSIP_HEADER function cannot be used here. However, there exists a MESSAGE function (https://wiki.asterisk.org/wiki/display/AST/Asterisk+12+Function_MESSAGE) that is used for this and can be used instead.
> Asterisk 12-beta @r402448 pjsip sigsegv receiving SIP MESSAGE when checking Contact header
> ------------------------------------------------------------------------------------------
>
> Key: ASTERISK-22821
> URL: https://issues.asterisk.org/jira/browse/ASTERISK-22821
> Project: Asterisk
> Issue Type: Bug
> Security Level: None
> Components: Resources/res_pjsip_messaging
> Affects Versions: 12.0.0-beta1
> Environment: Fedora 19 x86_64, compiled Asterisk and PJSIP from source.
> Reporter: Anthony Messina
> Assignee: Kevin Harwell
> Attachments: asterisk-12-r402448-PJSIP_HEADER-read-Contact-sigsegv.txt, asterisk-12-r402448-pjsip-message-sigsegv.txt
>
>
> Asterisk dumps core when receiving a PJSIP SIP MESSAGE from a CSipSimple client. The issue appears when Asterisk attempts to check for a Contact header in the incoming MESSAGE (in res/res_pjsip_messaging.c):
> {code}
> /* contact header */
> if ((size = pjsip_hdr_print_on(pjsip_msg_find_hdr(rdata->msg_info.msg, PJSIP_H_CONTACT, NULL), buf, sizeof(buf)-1)) > 0) {
>     buf[size] = '\0';
>     CHECK_RES(ast_msg_set_var(msg, "SIP_FULLCONTACT", buf));
> }
> {code}
> It may well be that CSipSimple is sending a bad Contact header, but it shouldn't cause Asterisk/PJSIP to bail. I am contacting the CSipSimple developers to ask about their Contact header.
> If I replace the above snippet with the following, SIP MESSAGEs are processed properly (though I don't know C and I'm not sure this will do what it's supposed to):
> {code}
> /* new contact header */
> pjsip_contact_hdr *contact_hdr;
> contact_hdr = (pjsip_contact_hdr*)
>     pjsip_msg_find_hdr(rdata->msg_info.msg, PJSIP_H_CONTACT, NULL);
> if (contact_hdr) {
>     buf[size] = '\0';
>     CHECK_RES(ast_msg_set_var(msg, "SIP_FULLCONTACT", buf));
> }
> {code}
> I will attach a backtrace showing the problem.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.asterisk.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
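
The null-pointer pattern discussed in this thread, as an added example that is not Asterisk's or PJSIP's code: `find_hdr` and `print_hdr` are hypothetical stand-ins for `pjsip_msg_find_hdr` and `pjsip_hdr_print_on`, and the guarded function checks the lookup result, prints the header, and only then relies on the returned size. It assumes the lookup returns NULL when the header is absent and that the print routine dereferences its argument.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-ins for PJSIP's header and message types. */
struct hdr { const char *name; const char *value; };
struct msg { const struct hdr *hdrs; size_t count; };

/* Stand-in for pjsip_msg_find_hdr(): returns NULL when the header is absent. */
static const struct hdr *find_hdr(const struct msg *m, const char *name)
{
    for (size_t i = 0; i < m->count; i++) {
        if (strcmp(m->hdrs[i].name, name) == 0) {
            return &m->hdrs[i];
        }
    }
    return NULL;
}

/* Stand-in for pjsip_hdr_print_on(): dereferences h, so h must not be NULL. */
static int print_hdr(const struct hdr *h, char *buf, size_t len)
{
    int n = snprintf(buf, len, "%s: %s", h->name, h->value);
    return (n < 0 || (size_t)n >= len) ? -1 : n;
}

/* Guarded form: returns the printed length, or 0 with out left empty when the
 * header is absent or does not fit. Calling print_hdr(find_hdr(...), ...)
 * directly crashes on a message that has no Contact header. */
static int get_contact(const struct msg *m, char *out, size_t len)
{
    const struct hdr *contact = find_hdr(m, "Contact");
    int size = contact ? print_hdr(contact, out, len) : -1;

    if (size < 0) {
        out[0] = '\0';
        return 0;
    }
    return size;
}

int main(void)
{
    /* Constructed sample: a MESSAGE that carries no Contact header. */
    const struct hdr hdrs[] = { { "From", "<sip:alice@example.com>" } };
    const struct msg m = { hdrs, 1 };
    char buf[256];
    printf("contact length: %d\n", get_contact(&m, buf, sizeof(buf)));
    return 0;
}
```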