[asterisk-bugs] [JIRA] (ASTERISK-25021) Fix invalid pointer dereference on module load
    Rusty Newton (JIRA) 
    noreply at issues.asterisk.org
       
    Thu Apr 30 18:54:33 CDT 2015
    
    
  
     [ https://issues.asterisk.org/jira/browse/ASTERISK-25021?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Rusty Newton updated ASTERISK-25021:
------------------------------------
    Description: 
After upgrading asterisk, the daemon crashes on startup if the autoload=yes option is not enabled in modules.conf's modules section.
This happens because of invalid pointer dereference during module loading. Here is the technical analysis:
If a module once failed to load with globally exposed symbols, the DSO is unloaded while the struct ast_module remains valid and referenced, with just mod->lib being NULL.
If the module is later attempted to be loaded again, typically on a second attempt without globally exposed symbols, we get an unpleasant crash because mod->lib is used.
A fix is proposed here: 
[edit by Rusty - inline patch removed as per the guidelines, see comment on patch contribution process]
In this patch, we check mod->lib and if it is NULL, we call load_dynamic_module() again to reload the DSO.
We also add an additional test that mod->lib is not NULL to make sure code path using it will not be used if something still goes wrong.
  was:
After upgrading asterisk, the daemon crashes on startup if the autoload=yes option is not enabled in modules.conf's modules section.
This happens because of invalid pointer dereference during module loading. Here is the technical analysis:
If a module once failed to load with globally exposed symbols, the DSO is unloaded while the struct ast_module remains valid and referenced, with just mod->lib being NULL.
If the module is later attempted to be loaded again, typically on a second attempt without globally exposed symbols, we get an unpleasant crash because mod->lib is used.
A fix is proposed here: 
[http://cvsweb.netbsd.org/bsdweb.cgi/pkgsrc/comms/asterisk18/patches/patch-main_loader.c?rev=1.1]
In this patch, we check mod->lib and if it is NULL, we call load_dynamic_module() again to reload the DSO.
We also add an additional test that mod->lib is not NULL to make sure code path using it will not be used if something still goes wrong.
> Fix invalid pointer dereference on module load
> ----------------------------------------------
>
>                 Key: ASTERISK-25021
>                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-25021
>             Project: Asterisk
>          Issue Type: Bug
>      Security Level: None
>    Affects Versions: 1.8.32.3
>            Reporter: Emmanuel Dreyfus
>
> After upgrading asterisk, the daemon crashes on startup if the autoload=yes option is not enabled in modules.conf's modules section.
> This happens because of invalid pointer dereference during module loading. Here is the technical analysis:
> If a module once failed to load with globally exposed symbols, the DSO is unloaded while the struct ast_module remains valid and referenced, with just mod->lib being NULL.
> If the module is later attempted to be loaded again, typically on a second attempt without globally exposed symbols, we get an unpleasant crash because mod->lib is used.
> A fix is proposed here: 
> [edit by Rusty - inline patch removed as per the guidelines, see comment on patch contribution process]
> In this patch, we check mod->lib and if it is NULL, we call load_dynamic_module() again to reload the DSO.
> We also add an additional test that mod->lib is not NULL to make sure code path using it will not be used if something still goes wrong.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
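
The stale-entry state and the two checks described in the report, as a self-contained C model. This is an added example, not the patch that was removed from the issue and not Asterisk's loader.c; every `demo_*` name, the fake handle and the `reload_works` switch are assumptions made for illustration.

```c
#include <stddef.h>

/* Simplified model of the state in the report; all names are hypothetical. */
struct demo_module {
    const char *name;
    void *lib;                /* DSO handle; NULL once the DSO was unloaded */
};

enum demo_result { DEMO_OK = 0, DEMO_FAILED = -1 };

static int fake_dso;          /* stands in for a real dlopen() handle */
static int reload_works = 1;  /* set to 0 to model a reload that also fails */

/* Stand-in for opening the DSO: fails when global symbols are requested. */
static void *demo_open(int global_symbols)
{
    if (global_symbols || !reload_works)
        return NULL;
    return &fake_dso;
}

/* First attempt (global symbols): the load fails and the DSO is unloaded,
 * but the module entry stays registered with lib == NULL. */
static void demo_first_attempt(struct demo_module *mod)
{
    mod->lib = demo_open(1);
}

/* Models any code path that goes through the handle; it would fault on a
 * NULL lib, which is the crash the report describes. */
static int demo_use_handle(void *lib)
{
    return *(int *)lib;
}

/* Second attempt with both checks from the report's description. */
static enum demo_result demo_second_attempt(struct demo_module *mod)
{
    if (mod->lib == NULL)             /* check 1: stale entry, reload the DSO */
        mod->lib = demo_open(0);
    if (mod->lib == NULL)             /* check 2: reload failed, stay off lib */
        return DEMO_FAILED;
    (void)demo_use_handle(mod->lib);  /* reached only with a live handle */
    return DEMO_OK;
}
```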
    
    