[asterisk-bugs] [JIRA] (ASTERISK-28472) Asterisk occasionally passes a NULL as srtp->session to srtp_protect/unprotect causing SEGV

Jonas Swiatek (JIRA) noreply at issues.asterisk.org
Thu Aug 8 03:46:48 CDT 2019


    [ https://issues.asterisk.org/jira/browse/ASTERISK-28472?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=247725#comment-247725 ] 

Jonas Swiatek commented on ASTERISK-28472:
------------------------------------------

Hi Kevin,

Cool - I'll apply this patch this coming weekend! Is this meant to be applied to the code at the 16.4 tag, or against the current master of the git repository?

> Asterisk occasionally passes a NULL as srtp->session to srtp_protect/unprotect causing SEGV
> -------------------------------------------------------------------------------------------
>
>                 Key: ASTERISK-28472
>                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-28472
>             Project: Asterisk
>          Issue Type: Bug
>      Security Level: None
>          Components: General
>    Affects Versions: 16.4.0
>         Environment: Amazon Linux 2
>            Reporter: Jonas Swiatek
>            Assignee: Kevin Harwell
>            Severity: Critical
>              Labels: pjsip
>         Attachments: core-2019-07-10T17-36-23+0000-brief.txt, core-2019-07-10T17-36-23+0000-full.txt, core-2019-07-10T17-36-23+0000-locks.txt, core-2019-07-10T17-36-23+0000-thread1.txt, core-2019-07-19T13-40-30+0000-brief.txt, core-2019-07-19T13-40-30+0000-full.txt, core-2019-07-19T13-40-30+0000-locks.txt, core-2019-07-19T13-40-30+0000-thread1.txt, core-brief.txt, core-full.txt, core-locks.txt, core-thread1.txt, extensions.conf, pjsip.conf
>
>
> We're seeing this crash every now and then - last time was around 3 weeks ago, on Asterisk 16.3, though we've upgraded to 16.4 since then, and enabled BETTER_BACKTRACES and DONT_OPTIMIZED to try and get to the bottom of it.
> I'm at a loss for what might be causing it. When this server crashed it was serving 6 channels, and the only exotic thing being used by any of them were ARI, but I don't believe any of the active channels were actually in the Stasis application.
> I'm not really qualified to read the crash dump, but there is some mention of libsrtp in one of the files, so I've included which version of that we're using (1.5.4, as recommended on the wiki).
> Any insight would be greatly appreciated, and I can provide whatever else information might be valuable.



--
This message was sent by Atlassian JIRA
(v6.2#6252)



More information about the asterisk-bugs mailing list