[asterisk-bugs] [JIRA] (ASTERISK-19143) Core dump when adding dialplan extension

alexr1 (JIRA) noreply at issues.asterisk.org
Sun Jul 20 04:39:57 CDT 2014 

    [ https://issues.asterisk.org/jira/browse/ASTERISK-19143?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=220754#comment-220754 ] 

alexr1 commented on ASTERISK-19143:
-----------------------------------

If you look at the backtraces you can see an encoded space: %20 in the SIP URI (from the SUBSCRIBE request).

In issue ASTERISK-19711
readbuf = "SUBSCRIBE sip:418-766-2000%20x4696 at 64.254.249.114:5060 SIP/2.0.....

In this issue ASTERISK-19143:
readbuf = "SUBSCRIBE sip:1%20(35%20)@64.254.249.110:5060 SIP/2.0......

I can reproduce this issue in the latest 1.8 or 11 when you try and subscribe multiple times to an extension containing %20. It may not happen instantly, but it will happen after multiple subscribes. 1.8 seemed to crash with a trailing %20, but 11 only crashed after I prefixed the extension with %20.. despite showing corruption: pbx.c:2402 add_exten_to_pattern_tree: Found duplicate exten. Had b¡Æ)

I used the following subscriptions to trigger the crash:
%2002112
02113%20
%2002114

With this hint:
exten => _X.,hint,${IF($[${EXTEN:0:2} = 02]?SIP/${EXTEN}:Custom:02-${EXTEN})}

Over to you - bounty still available to the first person to patch :)

> Core dump when adding dialplan extension
> ----------------------------------------
>
>                 Key: ASTERISK-19143
>                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-19143
>             Project: Asterisk
>          Issue Type: Bug
>      Security Level: None
>          Components: Core/Configuration
>    Affects Versions: 1.8.7.2, 1.8.8.0
>         Environment: CentOS 5.5
>            Reporter: Steven T. Wheeler
>         Attachments: backtrace-20120305-1136.txt, backtrace-20120305-1138.txt, backtrace.txt, full_debug.log, full.log
>
>
> asterisk -rx "dialplan add extension steventest2-swheeler,hint,SIP/steventest2-swheeler_softphone&Custom:unavailable into blf replace
> Executing this command will occasionally cause asterisk to segfault.  From what I can tell in the back trace the issue seems to be related to logging the message "Found duplicate exten. Had %s found %s".  Please see the attached back trace and debug logs for more information.



--
This message was sent by Atlassian JIRA
(v6.2#6252)

More information about the asterisk-bugs mailing list