[asterisk-bugs] [JIRA] (ASTERISK-26623) res_pjsip: pjsip_options format_contact_status segfault

Joshua Colp (JIRA) noreply at issues.asterisk.org
Mon Nov 28 06:27:13 CST 2016


     [ https://issues.asterisk.org/jira/browse/ASTERISK-26623?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Joshua Colp updated ASTERISK-26623:
-----------------------------------

    Summary: res_pjsip: pjsip_options format_contact_status segfault  (was: pjsip_options format_contact_status segfault)

> res_pjsip: pjsip_options format_contact_status segfault
> -------------------------------------------------------
>
>                 Key: ASTERISK-26623
>                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-26623
>             Project: Asterisk
>          Issue Type: Bug
>      Security Level: None
>          Components: Resources/res_pjsip
>    Affects Versions: 14.2.0
>         Environment: linux x64
>            Reporter: Jørgen H
>
> Crash caused by AMI PJSIPShowEndpoint call
> Race condition? Looks like status object is null when calling ast_str_append on line 1252 of res/res_pjsip/pjsip_options.c
> #0  format_contact_status (obj=obj at entry=0x7f6436c41158, arg=arg at entry=0x7f6439c26060, flags=flags at entry=0) at res_pjsip/pjsip_options.c:1252
>         wrapper = 0x7f6436c41158
>         contact = 0x7f6436bf4528
>         ami = 0x7f6439c26060
>         status = 0x0
>         buf = 0x7f6437de0fa0
>         endpoint = 0x7f64378f7428
>         __PRETTY_FUNCTION__ = "format_contact_status"
> #1  0x00007f64e4a0f518 in ast_sip_for_each_contact (aor=0x7f643772d5f0, on_contact=0x7f64e49f8ab0 <format_contact_status>, arg=0x7f6439c26060) at res_pjsip/location.c:674
>         contact = 0x7f6436bf4528
>         wrapper = 0x7f6436c41158
>         aor_id = 0x7f6434e8b4b0 "xxxxxxxx"
>         contacts = 0x7f64482bba38
>         i = {c = 0x7f64482bba38, last_node = 0x7f6436bae668, complete = 0, flags = 0}
>         res = 0
>         object = 0x7f6436bf4528
>         __PRETTY_FUNCTION__ = "ast_sip_for_each_contact"
> #2  0x00007f64e4a0f2e5 in ast_sip_for_each_aor (aors=<optimized out>, on_aor=0x7f64e49f7d20 <format_contact_status_for_aor>, arg=0x7f6439c26060) at res_pjsip/location.c:616
>         aor = 0x7f643772d5f0
>         copy = 0x0
>         res = <optimized out>
>         __PRETTY_FUNCTION__ = "ast_sip_for_each_aor"
> #3  0x00007f64e49f2698 in ast_sip_format_endpoint_ami (endpoint=endpoint at entry=0x7f64378f7428, ami=ami at entry=0x7f6439c26060, count=count at entry=0x7f6439c26054) at res_pjsip.c:2665
>         res = 0
>         i = 0x7f64e4c29180 <contact_status_formatter>
>         lock = 0x7f64e4c28ce0 <endpoint_formatters>
>         __PRETTY_FUNCTION__ = "ast_sip_format_endpoint_ami"
> #4  0x00007f64e4a0c17e in ami_show_endpoint (s=0x7f6439c263b0, m=0x7f6439c268c0) at res_pjsip/pjsip_configuration.c:1526
>         ami = {s = 0x7f6439c263b0, m = 0x7f6439c268c0, action_id = 0x7f64362e3f3a "6202", arg = 0x7f64378f7428, count = 2}
>         endpoint = 0x7f64378f7428
>         endpoint_name = 0x7f6434d09a1a "xxxxxxxx"
>         count = 3
> #5  0x000000000054e011 in process_message (s=s at entry=0x7f6439c263b0, m=m at entry=0x7f6439c268c0) at manager.c:6358
>         acted = 0
>         ret = 0
>         user = <optimized out>
>         action = 0x7f64481ac708 "PJSIPShowEndpoint"
>         __PRETTY_FUNCTION__ = "process_message"



--
This message was sent by Atlassian JIRA
(v6.2#6252)



More information about the asterisk-bugs mailing list