[asterisk-bugs] [JIRA] (ASTERISK-27393) res_pjsip: Crash occurs when an empty contact is specified on an AOR
Richard Mudgett (JIRA)
noreply at issues.asterisk.org
Mon Nov 6 06:33:28 CST 2017
[ https://issues.asterisk.org/jira/browse/ASTERISK-27393?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Richard Mudgett updated ASTERISK-27393:
---------------------------------------
Description:
I have searched other issues similar to this, for example:
ASTERISK-25970
but the crash i met is different. it can be reproduced easily by support a contact with uri="".
the backtrace:
(gdb) bt
#0 pjsip_url_compare (context=PJSIP_URI_IN_CONTACT_HDR, url1=0x7f7e60029f88, url2=0x0) at ../src/pjsip/sip_uri.c:400
#1 0x00007f7e3ed38737 in pjsip_uri_cmp (uri2=<optimized out>, uri1=<optimized out>, context=PJSIP_URI_IN_CONTACT_HDR)
at /home/cti-link/cti-link-webrtc/asterisk/asterisk-13.16.0/third-party/pjproject/source/pjsip/include/pjsip/sip_uri.h:287
#2 registrar_find_contact (obj=<optimized out>, arg=0x7f7e541c49b0, flags=<optimized out>) at res_pjsip_registrar.c:127
#3 0x000000000047dd3a in internal_ao2_traverse (self=0x7f7e60033fe8, flags=OBJ_SEARCH_NONE, cb_fn=0x7f7e3ed386f0 <registrar_find_contact>, arg=0x7f7e541c49b0, data=0x0, type=AO2_CALLBACK_DEFAULT,
tag=0x0, file=0x0, line=0, func=0x0) at astobj2_container.c:354
#4 0x000000000047e2de in __ao2_callback (c=0x7f7e60033fe8, flags=OBJ_SEARCH_NONE, cb_fn=0x7f7e3ed386f0 <registrar_find_contact>, arg=0x7f7e541c49b0) at astobj2_container.c:455
#5 0x00007f7e3ed39c06 in registrar_validate_contacts (deleted=<synthetic pointer>, updated=<synthetic pointer>, added=<synthetic pointer>, aor=0x7f7e60019db8, contacts=0x7f7e60033fe8,
rdata=0x7f7e6002c3a8) at res_pjsip_registrar.c:181
#6 register_aor_core (rdata=rdata at entry=0x7f7e6002c3a8, endpoint=endpoint at entry=0x7f7e60038618, aor=aor at entry=0x7f7e60019db8, aor_name=aor_name at entry=0x7f7e6001a270 "70000029023",
contacts=contacts at entry=0x7f7e60033fe8) at res_pjsip_registrar.c:342
#7 0x00007f7e3ed3bcf6 in register_aor (aor_name=0x7f7e6001a270 "70000029023", aor=0x7f7e60019db8, endpoint=0x7f7e60038618, rdata=0x7f7e6002c3a8) at res_pjsip_registrar.c:575
#8 registrar_on_rx_request (rdata=0x7f7e6002c3a8) at res_pjsip_registrar.c:760
#9 0x00007f7e8394c4b7 in pjsip_endpt_process_rx_data (endpt=<optimized out>, rdata=rdata at entry=0x7f7e6002c3a8, p=p at entry=0x7f7e56d15730 <param.24222>, p_handled=p_handled at entry=0x7f7e541c4bbc)
at ../src/pjsip/sip_endpoint.c:887
#10 0x00007f7e56adebec in distribute (data=0x7f7e6002c3a8) at res_pjsip/pjsip_distributor.c:770
#11 0x000000000071b0cd in ast_taskprocessor_execute (tps=0x2b77b50) at taskprocessor.c:965
#12 0x000000000072f92d in execute_tasks (data=0x2b77b50) at threadpool.c:1322
#13 0x000000000071b0cd in ast_taskprocessor_execute (tps=0x28bfae0) at taskprocessor.c:965
#14 0x000000000072c591 in threadpool_execute (pool=0x28c17f0) at threadpool.c:351
#15 0x000000000072ed33 in worker_active (worker=0x7f7e700009a0) at threadpool.c:1105
#16 0x000000000072e996 in worker_start (arg=0x7f7e700009a0) at threadpool.c:1024
#17 0x00000000007428d6 in dummy_start (data=0x7f7e70000ab0) at utils.c:1238
#18 0x00007f7e81de0dc5 in start_thread () from /lib64/libpthread.so.0
#19 0x00007f7e810cc6ed in clone () from /lib64/libc.so.6
was:
I have searched other issues similar to this, for example:
https://issues.asterisk.org/jira/browse/ASTERISK-25970
but the crash i met is different. it can be reproduced easily by support a contact with uri="".
the backtrace:
(gdb) bt
#0 pjsip_url_compare (context=PJSIP_URI_IN_CONTACT_HDR, url1=0x7f7e60029f88, url2=0x0) at ../src/pjsip/sip_uri.c:400
#1 0x00007f7e3ed38737 in pjsip_uri_cmp (uri2=<optimized out>, uri1=<optimized out>, context=PJSIP_URI_IN_CONTACT_HDR)
at /home/cti-link/cti-link-webrtc/asterisk/asterisk-13.16.0/third-party/pjproject/source/pjsip/include/pjsip/sip_uri.h:287
#2 registrar_find_contact (obj=<optimized out>, arg=0x7f7e541c49b0, flags=<optimized out>) at res_pjsip_registrar.c:127
#3 0x000000000047dd3a in internal_ao2_traverse (self=0x7f7e60033fe8, flags=OBJ_SEARCH_NONE, cb_fn=0x7f7e3ed386f0 <registrar_find_contact>, arg=0x7f7e541c49b0, data=0x0, type=AO2_CALLBACK_DEFAULT,
tag=0x0, file=0x0, line=0, func=0x0) at astobj2_container.c:354
#4 0x000000000047e2de in __ao2_callback (c=0x7f7e60033fe8, flags=OBJ_SEARCH_NONE, cb_fn=0x7f7e3ed386f0 <registrar_find_contact>, arg=0x7f7e541c49b0) at astobj2_container.c:455
#5 0x00007f7e3ed39c06 in registrar_validate_contacts (deleted=<synthetic pointer>, updated=<synthetic pointer>, added=<synthetic pointer>, aor=0x7f7e60019db8, contacts=0x7f7e60033fe8,
rdata=0x7f7e6002c3a8) at res_pjsip_registrar.c:181
#6 register_aor_core (rdata=rdata at entry=0x7f7e6002c3a8, endpoint=endpoint at entry=0x7f7e60038618, aor=aor at entry=0x7f7e60019db8, aor_name=aor_name at entry=0x7f7e6001a270 "70000029023",
contacts=contacts at entry=0x7f7e60033fe8) at res_pjsip_registrar.c:342
#7 0x00007f7e3ed3bcf6 in register_aor (aor_name=0x7f7e6001a270 "70000029023", aor=0x7f7e60019db8, endpoint=0x7f7e60038618, rdata=0x7f7e6002c3a8) at res_pjsip_registrar.c:575
#8 registrar_on_rx_request (rdata=0x7f7e6002c3a8) at res_pjsip_registrar.c:760
#9 0x00007f7e8394c4b7 in pjsip_endpt_process_rx_data (endpt=<optimized out>, rdata=rdata at entry=0x7f7e6002c3a8, p=p at entry=0x7f7e56d15730 <param.24222>, p_handled=p_handled at entry=0x7f7e541c4bbc)
at ../src/pjsip/sip_endpoint.c:887
#10 0x00007f7e56adebec in distribute (data=0x7f7e6002c3a8) at res_pjsip/pjsip_distributor.c:770
#11 0x000000000071b0cd in ast_taskprocessor_execute (tps=0x2b77b50) at taskprocessor.c:965
#12 0x000000000072f92d in execute_tasks (data=0x2b77b50) at threadpool.c:1322
#13 0x000000000071b0cd in ast_taskprocessor_execute (tps=0x28bfae0) at taskprocessor.c:965
#14 0x000000000072c591 in threadpool_execute (pool=0x28c17f0) at threadpool.c:351
#15 0x000000000072ed33 in worker_active (worker=0x7f7e700009a0) at threadpool.c:1105
#16 0x000000000072e996 in worker_start (arg=0x7f7e700009a0) at threadpool.c:1024
#17 0x00000000007428d6 in dummy_start (data=0x7f7e70000ab0) at utils.c:1238
#18 0x00007f7e81de0dc5 in start_thread () from /lib64/libpthread.so.0
#19 0x00007f7e810cc6ed in clone () from /lib64/libc.so.6
> res_pjsip: Crash occurs when an empty contact is specified on an AOR
> --------------------------------------------------------------------
>
> Key: ASTERISK-27393
> URL: https://issues.asterisk.org/jira/browse/ASTERISK-27393
> Project: Asterisk
> Issue Type: Bug
> Security Level: None
> Components: Resources/res_pjsip
> Affects Versions: 13.16.0
> Environment: CentOS6.5 X64
> Reporter: Aaron An
> Assignee: Aaron An
> Severity: Minor
>
> I have searched other issues similar to this, for example:
> ASTERISK-25970
> but the crash i met is different. it can be reproduced easily by support a contact with uri="".
> the backtrace:
> (gdb) bt
> #0 pjsip_url_compare (context=PJSIP_URI_IN_CONTACT_HDR, url1=0x7f7e60029f88, url2=0x0) at ../src/pjsip/sip_uri.c:400
> #1 0x00007f7e3ed38737 in pjsip_uri_cmp (uri2=<optimized out>, uri1=<optimized out>, context=PJSIP_URI_IN_CONTACT_HDR)
> at /home/cti-link/cti-link-webrtc/asterisk/asterisk-13.16.0/third-party/pjproject/source/pjsip/include/pjsip/sip_uri.h:287
> #2 registrar_find_contact (obj=<optimized out>, arg=0x7f7e541c49b0, flags=<optimized out>) at res_pjsip_registrar.c:127
> #3 0x000000000047dd3a in internal_ao2_traverse (self=0x7f7e60033fe8, flags=OBJ_SEARCH_NONE, cb_fn=0x7f7e3ed386f0 <registrar_find_contact>, arg=0x7f7e541c49b0, data=0x0, type=AO2_CALLBACK_DEFAULT,
> tag=0x0, file=0x0, line=0, func=0x0) at astobj2_container.c:354
> #4 0x000000000047e2de in __ao2_callback (c=0x7f7e60033fe8, flags=OBJ_SEARCH_NONE, cb_fn=0x7f7e3ed386f0 <registrar_find_contact>, arg=0x7f7e541c49b0) at astobj2_container.c:455
> #5 0x00007f7e3ed39c06 in registrar_validate_contacts (deleted=<synthetic pointer>, updated=<synthetic pointer>, added=<synthetic pointer>, aor=0x7f7e60019db8, contacts=0x7f7e60033fe8,
> rdata=0x7f7e6002c3a8) at res_pjsip_registrar.c:181
> #6 register_aor_core (rdata=rdata at entry=0x7f7e6002c3a8, endpoint=endpoint at entry=0x7f7e60038618, aor=aor at entry=0x7f7e60019db8, aor_name=aor_name at entry=0x7f7e6001a270 "70000029023",
> contacts=contacts at entry=0x7f7e60033fe8) at res_pjsip_registrar.c:342
> #7 0x00007f7e3ed3bcf6 in register_aor (aor_name=0x7f7e6001a270 "70000029023", aor=0x7f7e60019db8, endpoint=0x7f7e60038618, rdata=0x7f7e6002c3a8) at res_pjsip_registrar.c:575
> #8 registrar_on_rx_request (rdata=0x7f7e6002c3a8) at res_pjsip_registrar.c:760
> #9 0x00007f7e8394c4b7 in pjsip_endpt_process_rx_data (endpt=<optimized out>, rdata=rdata at entry=0x7f7e6002c3a8, p=p at entry=0x7f7e56d15730 <param.24222>, p_handled=p_handled at entry=0x7f7e541c4bbc)
> at ../src/pjsip/sip_endpoint.c:887
> #10 0x00007f7e56adebec in distribute (data=0x7f7e6002c3a8) at res_pjsip/pjsip_distributor.c:770
> #11 0x000000000071b0cd in ast_taskprocessor_execute (tps=0x2b77b50) at taskprocessor.c:965
> #12 0x000000000072f92d in execute_tasks (data=0x2b77b50) at threadpool.c:1322
> #13 0x000000000071b0cd in ast_taskprocessor_execute (tps=0x28bfae0) at taskprocessor.c:965
> #14 0x000000000072c591 in threadpool_execute (pool=0x28c17f0) at threadpool.c:351
> #15 0x000000000072ed33 in worker_active (worker=0x7f7e700009a0) at threadpool.c:1105
> #16 0x000000000072e996 in worker_start (arg=0x7f7e700009a0) at threadpool.c:1024
> #17 0x00000000007428d6 in dummy_start (data=0x7f7e70000ab0) at utils.c:1238
> #18 0x00007f7e81de0dc5 in start_thread () from /lib64/libpthread.so.0
> #19 0x00007f7e810cc6ed in clone () from /lib64/libc.so.6
--
This message was sent by Atlassian JIRA
(v6.2#6252)
More information about the asterisk-bugs
mailing list