[asterisk-bugs] [JIRA] (ASTERISK-25706) pbx: Abort asterisk on features reload (handle_hint_change)

Kevin Harwell (JIRA) noreply at issues.asterisk.org
Wed Aug 17 16:51:57 CDT 2016


     [ https://issues.asterisk.org/jira/browse/ASTERISK-25706?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Kevin Harwell updated ASTERISK-25706:
-------------------------------------

    Reviewboard Link: https://gerrit.asterisk.org/#/c/3601/

> pbx: Abort asterisk on features reload (handle_hint_change)
> -----------------------------------------------------------
>
>                 Key: ASTERISK-25706
>                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-25706
>             Project: Asterisk
>          Issue Type: Bug
>      Security Level: None
>          Components: Core/PBX
>    Affects Versions: 11.21.0, 13.7.0
>         Environment: Ubuntu
>            Reporter: Krzysztof Trempala
>            Assignee: Kevin Harwell
>            Severity: Critical
>         Attachments: 0008-handle_hint_change-initialize-presence_state.patch, backtrace.txt, pbx_11.22.0.patch
>
>
> Asterisk reseting on features reload.
> Logs from core:
> {code}
> #4  0x0816eda4 in handle_hint_change (data=0xb6b1148c) at pbx.c:6099
>         hint = 0xb6b1148c
>         hint_app = 0xb6b4d5d8
>         state = 0
>         presence_state = {provider = 0x82dc264 "", state = 7, subtype = 0x81bc405 "\270", message = 0x0}
> ....
> {code}
> Crash on "ast_free(presence_state.subtype);" in function handle_hint_change(). Variable presence_state.subtype and presence_state.message is no set. Function extension_presence_state_helper() return state = AST_PRESENCE_INVALID.
> Code:
> {code}
> static int handle_hint_change(void *data)
> {
> 	struct ast_hint *hint = data;
> 	struct ast_str *hint_app;
> 	int state;
> 	struct presencechange presence_state;
> 	if (!(hint_app = ast_str_create(1024))) {
> 		return -1;
> 	}
> 	device_state_notify_callbacks(hint, &hint_app);
> 	state = extension_presence_state_helper(
> 		hint->exten, &presence_state.subtype, &presence_state.message);
> 	presence_state.state = state > 0 ? state : AST_PRESENCE_INVALID;
> 	presence_state_notify_callbacks(AST_EVENT_HINT_CHANGE, hint, &hint_app, &presence_state);
> 	ast_free(hint_app);
> 	ao2_ref(hint, -1);
> 	ast_free(presence_state.subtype);  <==== crash here 
> 	ast_free(presence_state.message);
> 	return 0;
> }
> {code} 



--
This message was sent by Atlassian JIRA
(v6.2#6252)



More information about the asterisk-bugs mailing list