[asterisk-bugs] [JIRA] (ASTERISK-26776) res_pjsip_pubsub: Crash when generating xpidf content
Matthew Fredrickson (JIRA)
noreply at issues.asterisk.org
Mon Mar 20 11:03:10 CDT 2017
[ https://issues.asterisk.org/jira/browse/ASTERISK-26776?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=235958#comment-235958 ]
Matthew Fredrickson commented on ASTERISK-26776:
------------------------------------------------
Hey [~joshelson],
I talked a little bit with [~rmudgett], and from looking at your valgrind output, it looks like there might be a problem in the xml_print_node() function in pjproject. If you look down the function, at these lines:
{code}
/* Check for empty node. */
if (node->content.slen==0 &&
node->node_head.next==(pj_xml_node*)&node->node_head)
{
*p++ = ' ';
*p++ = '/';
*p++ = '>';
return (int)(p-buf);
}
{code}
it appears that this if block needs to check to see if there's enough room left in the buffer to write those three characters " />" before trying to write them.
I'm guessing that's where you need to focus your patching efforts (from your gerrit review). Unfortunately, that would make it a bug in pjproject - but if you provide a patch against pjproject as a patch file in Asterisk's third-party/pjproject/patches/ directory we can make sure that it's applied against bundled builds of Asterisk.
> res_pjsip_pubsub: Crash when generating xpidf content
> -----------------------------------------------------
>
> Key: ASTERISK-26776
> URL: https://issues.asterisk.org/jira/browse/ASTERISK-26776
> Project: Asterisk
> Issue Type: Bug
> Security Level: None
> Components: Resources/res_pjsip_pubsub
> Affects Versions: 13.13.1
> Environment: FreePBX 13 SHMZ release 6.6 (Final)
> Linux freepbx 2.6.32-504.8.1.el6.x86_64 #1 SMP Wed Jan 28 21:11:36 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux
> Cisco 7962 using firmware SIP42.9-4-2SR2-2S
> Reporter: Andrew Green
> Assignee: Unassigned
> Severity: Minor
> Attachments: asterisk console and pjsip log.txt, Asterisk crash on start.txt, backtrace.core.1757 crash on start.txt, backtrace.core.29832.txt, crash-xpidf.txt, dialplan.xml, extensions.conf, malloc-backtrace.txt, pjsip.conf, REGISTER_SUBSCRIBE_client.csv, REGISTER_SUBSCRIBE_client.xml, SEPmachere.cnf.xml, softkeys.xml, valgrind-output.txt, XMLDefault.cnf.xml
>
>
> Asterisk crashes randomly when using chan_pjsip and Cisco 7962 phones. This is the first repeatable bug I found, the other crashes happened when the phone would attempt registration and do not happen after upgrading from 13.12 to 13.13.1. I have not tried other phone firmware versions but I can upon request. Server backtrace is attached.
> Actions to reproduce:
> -Register Cisco 7962 to chan_pjsip using TCP transport (see attached XML config files)
> -Dial an internal three digit extension, call completes correctly
> -After call try typing extension number again and Asterisk will crash and phone will reset indicating lost registration with SIP server.
> Note: On my phone external numbers do not cause this issue
--
This message was sent by Atlassian JIRA
(v6.2#6252)
More information about the asterisk-bugs
mailing list