[asterisk-bugs] [JIRA] (ASTERISK-24925) Crash within pjprojects(libpjnath) pj_stun_session_on_rx_pkt
Stefan Engström (JIRA)
noreply at issues.asterisk.org
Mon Apr 20 06:27:32 CDT 2015
[ https://issues.asterisk.org/jira/browse/ASTERISK-24925?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Stefan Engström updated ASTERISK-24925:
---------------------------------------
Attachment: crash-coredump-with-debuginfo-toupload
Finally got another crash... I took a quick look at pjnath's stun_session.c it looks like in all versions of pjprojects (2.2,2.3,2.4), in function check_cached_response they do a while (t != &sess->cached_response_list) { ... } where t is not tested for NULL. adding t && in the while-condition might have prevented this crash?
> Crash within pjprojects(libpjnath) pj_stun_session_on_rx_pkt
> ------------------------------------------------------------
>
> Key: ASTERISK-24925
> URL: https://issues.asterisk.org/jira/browse/ASTERISK-24925
> Project: Asterisk
> Issue Type: Bug
> Security Level: None
> Components: Channels/chan_pjsip, pjproject/pjsip
> Affects Versions: 13.1.0
> Environment: pjprojects version 2.2, asterisk version 13.1.0, OS is 64 bit fedora 20.
> Reporter: Stefan Engström
> Assignee: Stefan Engström
> Attachments: crash-coredump-with-debuginfo-toupload, webrtcstundebug.pdf, wiresharksnapshotstunburst.PNG
>
>
> Not yet reproducable. The use-case is a dial to a webrtc-peer, that is a chan_sip peer with transport wss and icesupport=yes.
> Will try to debug this issue myself first, and add more data continuously.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
More information about the asterisk-bugs
mailing list