[asterisk-bugs] [JIRA] (ASTERISK-25718) ASAN heap-use-after-free

Badalian Vyacheslav (JIRA) noreply at issues.asterisk.org
Fri Jan 22 15:40:33 CST 2016 

Badalian Vyacheslav created ASTERISK-25718:
----------------------------------------------

             Summary: ASAN heap-use-after-free
                 Key: ASTERISK-25718
                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-25718
             Project: Asterisk
          Issue Type: Bug
      Security Level: None
    Affects Versions: 13.7.0
            Reporter: Badalian Vyacheslav


On Ctrl+C exit with active calls

{code}
==28264==ERROR: AddressSanitizer: heap-use-after-free on address 0x60d00016b350 at pc 0x00000065c33d bp 0x7feb7cd23c30 sp 0x7feb7cd23c20
WRITE of size 4 at 0x60d00016b350 thread T131
    #0 0x65c33c in ast_atomic_fetchadd_int /root/asterisk-13.7.0/include/asterisk/lock.h:685
    #1 0x665265 in __ast_module_unref /root/asterisk-13.7.0/main/loader.c:1564
    #2 0x61b355 in filestream_destructor /root/asterisk-13.7.0/main/file.c:428
    #3 0x492fdb in internal_ao2_ref /root/asterisk-13.7.0/main/astobj2.c:445
    #4 0x4932fa in __ao2_ref /root/asterisk-13.7.0/main/astobj2.c:516
    #5 0x61de42 in ast_closestream /root/asterisk-13.7.0/main/file.c:1054
    #6 0x61918e in ast_stopstream /root/asterisk-13.7.0/main/file.c:194
    #7 0x61ffe6 in waitstream_core /root/asterisk-13.7.0/main/file.c:1418
    #8 0x621042 in ast_waitstream /root/asterisk-13.7.0/main/file.c:1601
    #9 0x7feb9b745f58 in playback_exec /root/asterisk-13.7.0/apps/app_playback.c:489
    #10 0x6c5a4d in pbx_exec /root/asterisk-13.7.0/main/pbx.c:1722
    #11 0x6dc083 in pbx_extension_helper /root/asterisk-13.7.0/main/pbx.c:4994
    #12 0x6e20cf in ast_spawn_extension /root/asterisk-13.7.0/main/pbx.c:6216
    #13 0x6e483c in __ast_pbx_run /root/asterisk-13.7.0/main/pbx.c:6633
    #14 0x6e6e70 in pbx_thread /root/asterisk-13.7.0/main/pbx.c:6953
    #15 0x7d981c in dummy_start /root/asterisk-13.7.0/main/utils.c:1237
    #16 0x7febb03cedc4 in start_thread (/lib64/libpthread.so.0+0x7dc4)
    #17 0x7febaf6ae21c in clone (/lib64/libc.so.6+0xf621c)

ASAN:SIGSEGV
==28264==AddressSanitizer: while reporting a bug found another one. Ignoring.

{code}



--
This message was sent by Atlassian JIRA
(v6.2#6252)

More information about the asterisk-bugs mailing list