[asterisk-bugs] [JIRA] (ASTERISK-25389) pjsip: crash on null uri in contact header

[Scott Griepentrog (JIRA)]

    [ https://issues.asterisk.org/jira/browse/ASTERISK-25389?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=227561#comment-227561 ] 

Scott Griepentrog commented on ASTERISK-25389:
----------------------------------------------

>From https://gerrit.asterisk.org/#/c/1118/:

Matt Jordan
> I'm going to put a -1 on here to investigate if this is an issue in PJSIP. If it is, we should fix it there and push the patch upstream.

Mark Michelson
> I'm seconding the -1 here. Have a look at ASTERISK-25295
> There is currently a crash occurring sometimes in res_pjsip_path because of a NULL contact URI. On the surface, it seems like the fix you're implementing would fix that problem. However, the real issue here is that we created a contact header with a NULL URI in the first place.
> If you want to see my analysis on that issue, have a look at https://issues.asterisk.org/jira/browse/ASTERISK-25295?focusedCommentId=227290&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-227290
> The proper fix is to catch parsing errors of URIs earlier so that we never try to send a malformed SIP response through the path module in the first place.

> pjsip: crash on null uri in contact header
> ------------------------------------------
>
>                 Key: ASTERISK-25389
>                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-25389
>             Project: Asterisk
>          Issue Type: Bug
>      Security Level: None
>            Reporter: Scott Griepentrog
>         Attachments: backtrace-core.9340.txt, full-log-core.9340.txt
>
>
> On a memory constrained system (where malloc may fail), encountered a crash where pjsip_msg_find_hdr() returns a contact_hdr with null uri.
> Backtrace and log attached.
> Issue can be reproduced with CHAOS_DEBUG (have encountered it twice).



--
This message was sent by Atlassian JIRA
(v6.2#6252)