[asterisk-bugs] [JIRA] (ASTERISK-25706) pbx: Abort asterisk on features reload (handle_hint_change)
Kevin Harwell (JIRA)
noreply at issues.asterisk.org
Wed Aug 17 16:51:57 CDT 2016
[ https://issues.asterisk.org/jira/browse/ASTERISK-25706?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Kevin Harwell updated ASTERISK-25706:
-------------------------------------
Reviewboard Link: https://gerrit.asterisk.org/#/c/3601/
> pbx: Abort asterisk on features reload (handle_hint_change)
> -----------------------------------------------------------
>
> Key: ASTERISK-25706
> URL: https://issues.asterisk.org/jira/browse/ASTERISK-25706
> Project: Asterisk
> Issue Type: Bug
> Security Level: None
> Components: Core/PBX
> Affects Versions: 11.21.0, 13.7.0
> Environment: Ubuntu
> Reporter: Krzysztof Trempala
> Assignee: Kevin Harwell
> Severity: Critical
> Attachments: 0008-handle_hint_change-initialize-presence_state.patch, backtrace.txt, pbx_11.22.0.patch
>
>
> Asterisk reseting on features reload.
> Logs from core:
> {code}
> #4 0x0816eda4 in handle_hint_change (data=0xb6b1148c) at pbx.c:6099
> hint = 0xb6b1148c
> hint_app = 0xb6b4d5d8
> state = 0
> presence_state = {provider = 0x82dc264 "", state = 7, subtype = 0x81bc405 "\270", message = 0x0}
> ....
> {code}
> Crash on "ast_free(presence_state.subtype);" in function handle_hint_change(). Variable presence_state.subtype and presence_state.message is no set. Function extension_presence_state_helper() return state = AST_PRESENCE_INVALID.
> Code:
> {code}
> static int handle_hint_change(void *data)
> {
> struct ast_hint *hint = data;
> struct ast_str *hint_app;
> int state;
> struct presencechange presence_state;
> if (!(hint_app = ast_str_create(1024))) {
> return -1;
> }
> device_state_notify_callbacks(hint, &hint_app);
> state = extension_presence_state_helper(
> hint->exten, &presence_state.subtype, &presence_state.message);
> presence_state.state = state > 0 ? state : AST_PRESENCE_INVALID;
> presence_state_notify_callbacks(AST_EVENT_HINT_CHANGE, hint, &hint_app, &presence_state);
> ast_free(hint_app);
> ao2_ref(hint, -1);
> ast_free(presence_state.subtype); <==== crash here
> ast_free(presence_state.message);
> return 0;
> }
> {code}
--
This message was sent by Atlassian JIRA
(v6.2#6252)
More information about the asterisk-bugs
mailing list