[asterisk-bugs] [JIRA] (ASTERISK-28810) Segmentation fault in ast_manager_build_channel_state_string_prefix

Robert Sutton (JIRA) noreply at issues.asterisk.org
Tue Apr 7 19:41:25 CDT 2020


    [ https://issues.asterisk.org/jira/browse/ASTERISK-28810?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=250168#comment-250168 ] 

Robert Sutton commented on ASTERISK-28810:
------------------------------------------

Unfortunately I was still working towards getting the core dump configuration correct and only managed to acquire a partial core dump due to the core dump size being limited to 1MB. 

This partial core dump only yielded the single line of backtrace which I've already posted.

I've since rebuilt with my patch and deployed to production - so far 1 day without a core dump.

Getting a full backtrace will require pushing a known-to-core-dump build back to production.

So the question is: how important is it to get the full backtrace?

> Segmentation fault in ast_manager_build_channel_state_string_prefix
> -------------------------------------------------------------------
>
>                 Key: ASTERISK-28810
>                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-28810
>             Project: Asterisk
>          Issue Type: Bug
>      Security Level: None
>          Components: Core/Channels
>    Affects Versions: 16.9.0
>         Environment: docker ubuntu 18.04
>            Reporter: Robert Sutton
>            Assignee: Robert Sutton
>         Attachments: patch.txt
>
>
> We are having daily core dumps.
> ast_manager_build_channel_state_string_prefix was passed a null snapshot. Upon looking around the code base, there are many paths where it is called without first checking.
> This problem will keep happening if it is reliant on callers of this method to first check the arg. The simple solution is to do a null check on the snapshot in ast_manager_build_channel_state_string_prefix and return NULL.
> I will attach a patch shortly.
> #0  ast_manager_build_channel_state_string_prefix (snapshot=0x0, prefix=0x62f514 "") at manager_channels.c:496
>         out = <error reading variable out (Cannot access memory at address 0x7f794f496cd0)>
>         caller_name = <optimized out>
>         connected_name = <optimized out>
>         res = <optimized out>
>         __PRETTY_FUNCTION__ = "ast_manager_build_channel_state_string_prefix"