[asterisk-bugs] [JIRA] (ASTERISK-25827) crash asterisk with dialplan add extension

Bernard Merindol (JIRA) noreply at issues.asterisk.org
Wed Mar 2 09:24:56 CST 2016 

Bernard Merindol created ASTERISK-25827:
-------------------------------------------

             Summary: crash asterisk with dialplan add extension
                 Key: ASTERISK-25827
                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-25827
             Project: Asterisk
          Issue Type: Bug
      Security Level: None
    Affects Versions: 11.21.2, 11.21.0, 11.20.0
         Environment: Linux c3testv5 3.13.0-68-generic #111-Ubuntu SMP Fri Nov 6 18:17:06 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux
Ubuntu 14.04.4 LTS
            Reporter: Bernard Merindol


when use this commands in console
dialplan add extension 1000,hint,SIP/1000 into tata
c3testv5*CLI> dialplan add extension 1000,hint,SIP/1000 into tata
Context 'tata' did not exist prior to add extension - the context will be created.
Extension '1000,hint,SIP/1000()' added into 'tata' context
    -- Registered extension context 'tata'; registrar: pbx_config
    -- Added extension '1000' priority -1 to tata


follow by
dialplan add extension 1000,hint,SIP/1000 into tata replace
c3testv5*CLI> dialplan add extension 1000,hint,SIP/1000 into tata replace
Extension 1000 at tata (hint) replace by '1000,hint,SIP/1000()'
    -- Added extension '1000' priority -1 to tata
c3testv5*CLI>
Disconnected from Asterisk server
Asterisk cleanly ending (0).
Executing last minute cleanups
Second command crash asterisk
in GDB we have:
Program received signal SIGABRT, Aborted.
[Switching to Thread 0x7efdcbb6d700 (LWP 30045)]
0x00007efde2574cc9 in __GI_raise (sig=sig at entry=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:56
56	../nptl/sysdeps/unix/sysv/linux/raise.c: No such file or directory.
(gdb) bt
#0  0x00007efde2574cc9 in __GI_raise (sig=sig at entry=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:56
#1  0x00007efde25780d8 in __GI_abort () at abort.c:89
#2  0x00007efde25b1394 in __libc_message (do_abort=do_abort at entry=1,
    fmt=fmt at entry=0x7efde26bfb28 "*** Error in `%s': %s: 0x%s ***\n") at ../sysdeps/posix/libc_fatal.c:175
#3  0x00007efde25bd66e in malloc_printerr (ptr=<optimized out>, str=0x7efde26bfc58 "double free or corruption (out)", action=1)
    at malloc.c:4996
#4  _int_free (av=<optimized out>, p=<optimized out>, have_lock=0) at malloc.c:3840
#5  0x0000000000536293 in handle_hint_change (data=0x3962ec8) at pbx.c:6100
#6  0x000000000058835e in tps_processing_function (data=data at entry=0x31641a8) at taskprocessor.c:330
#7  0x00000000005978aa in dummy_start (data=<optimized out>) at utils.c:1223
#8  0x00007efde14c9182 in start_thread (arg=0x7efdcbb6d700) at pthread_create.c:312
#9  0x00007efde263847d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:111

On stderr we have:

*** Error in `/usr/sbin/asterisk': double free or corruption (out): 0x0000000001b801b0 ***

Version 11.19.x not affected,




--
This message was sent by Atlassian JIRA
(v6.2#6252)

More information about the asterisk-bugs mailing list