[asterisk-bugs] [JIRA] (ASTERISK-25991) ASAN: double free in res_odbc.c

Badalian Vyacheslav (JIRA) noreply at issues.asterisk.org
Fri Jun 3 06:41:56 CDT 2016 

    [ https://issues.asterisk.org/jira/browse/ASTERISK-25991?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=230889#comment-230889 ] 

Badalian Vyacheslav commented on ASTERISK-25991:
------------------------------------------------

CentOS 7. Asterisk 13.9.1. GCC 5.2.1 (devtoolset)

- unixODBC-devel-2.3.1-11.el7.x86_64
- mysql-connector-odbc
# 5.3.6-1.el7.x86_64 (from MYSQL site)
# 5.2.5-6.el7 (from base REPO)
- unixODBC-2.3.1-11.el7.x86_64

unloadiing odbc_cel.so was fixed problem. CDR without CEL writed to DB fine.

in mysql-connector version 5.3.6-1.el7.x86_64 have 2 different SO files with suffix {{a}} (ANSI) and {{w}} (UTF)

if we use {{w}} version also have this asan:
{code}
# cat /var/log/cores/asterisk/old/asan.3844
=================================================================
==3844==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x7fe7097e9f7b bp 0x7fe71351e3b0 sp 0x7fe71351e3b0 T18)
    #0 0x7fe7097e9f7a in mysql_get_character_set_info (/usr/lib64/libmyodbc5w.so+0x6bf7a)
    #1 0x7fe7097cc40c in myodbc_do_connect (/usr/lib64/libmyodbc5w.so+0x4e40c)
    #2 0x7fe7097cc838 in MySQLConnect (/usr/lib64/libmyodbc5w.so+0x4e838)
    #3 0x7fe70f1573b2 in SQLConnect (/lib64/libodbc.so.2+0x103b2)
    #4 0x7fe70f3ba049 in odbc_obj_connect /root/asterisk-13.9.1/res/res_odbc.c:813
    #5 0x7fe70f3b90e3 in _ast_odbc_request_obj2 /root/asterisk-13.9.1/res/res_odbc.c:722
    #6 0x7fe70f3b924f in _ast_odbc_request_obj /root/asterisk-13.9.1/res/res_odbc.c:738
    #7 0x7fe6f6dfa573 in odbc_log /root/asterisk-13.9.1/cdr/cdr_adaptive_odbc.c:411
    #8 0x52edbf in post_cdr /root/asterisk-13.9.1/main/cdr.c:3271
    #9 0x532a96 in cdr_detach /root/asterisk-13.9.1/main/cdr.c:3568
    #10 0x51d9ec in cdr_object_dispatch /root/asterisk-13.9.1/main/cdr.c:1199
    #11 0x52691e in handle_channel_cache_message /root/asterisk-13.9.1/main/cdr.c:2129
    #12 0x79938e in router_dispatch /root/asterisk-13.9.1/main/stasis_message_router.c:201
    #13 0x775ed5 in subscription_invoke /root/asterisk-13.9.1/main/stasis.c:433
    #14 0x777a68 in dispatch_exec_async /root/asterisk-13.9.1/main/stasis.c:702
    #15 0x7b53ab in ast_taskprocessor_execute /root/asterisk-13.9.1/main/taskprocessor.c:848
    #16 0x7b1fb2 in default_tps_processing_function /root/asterisk-13.9.1/main/taskprocessor.c:183
    #17 0x7e58b5 in dummy_start /root/asterisk-13.9.1/main/utils.c:1235
    #18 0x7fe7178d9dc4 in start_thread (/lib64/libpthread.so.0+0x7dc4)
    #19 0x7fe716bb928c in clone (/lib64/libc.so.6+0xf628c)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV ??:0 mysql_get_character_set_info
Thread T18 created by T0 here:
    #0 0x7fe71946c703 in pthread_create (/lib64/libasan.so.2+0x36703)
    #1 0x7e5cbe in ast_pthread_create_stack /root/asterisk-13.9.1/main/utils.c:1288
    #2 0x7b212c in default_listener_start /root/asterisk-13.9.1/main/taskprocessor.c:200
    #3 0x7b47c0 in __allocate_taskprocessor /root/asterisk-13.9.1/main/taskprocessor.c:682
    #4 0x7b498d in ast_taskprocessor_get /root/asterisk-13.9.1/main/taskprocessor.c:728
    #5 0x776294 in internal_stasis_subscribe /root/asterisk-13.9.1/main/stasis.c:487
    #6 0x776548 in stasis_subscribe /root/asterisk-13.9.1/main/stasis.c:517
    #7 0x7998b1 in stasis_message_router_create_internal /root/asterisk-13.9.1/main/stasis_message_router.c:230
    #8 0x7999a9 in stasis_message_router_create /root/asterisk-13.9.1/main/stasis_message_router.c:243
    #9 0x537f0b in ast_cdr_engine_init /root/asterisk-13.9.1/main/cdr.c:4183
    #10 0x49242e in asterisk_daemon /root/asterisk-13.9.1/main/asterisk.c:4640
    #11 0x491572 in main /root/asterisk-13.9.1/main/asterisk.c:4289
    #12 0x7fe716ae4b14 in __libc_start_main (/lib64/libc.so.6+0x21b14)

==3844==ABORTING
{code}

> ASAN: double free in res_odbc.c
> -------------------------------
>
>                 Key: ASTERISK-25991
>                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-25991
>             Project: Asterisk
>          Issue Type: Bug
>      Security Level: None
>          Components: Resources/res_odbc
>    Affects Versions: 13.8.2, 13.9.1
>            Reporter: Badalian Vyacheslav
>            Severity: Critical
>         Attachments: asan.16318, asan.16318.txt, asan.1640, asan.1640.txt, backtrace_claudiu_2016-05-10T12_06_19+0300.txt, full_claudiu.txt
>
>
> Asan log in attached files



--
This message was sent by Atlassian JIRA
(v6.2#6252)

More information about the asterisk-bugs mailing list