[asterisk-bugs] [JIRA] (ASTERISK-29908) pjsip: Asterisk asserts on nonexistent registration auth and crashes
N A (JIRA)
noreply at issues.asterisk.org
Tue Feb 8 20:34:06 CST 2022
N A created ASTERISK-29908:
------------------------------
Summary: pjsip: Asterisk asserts on nonexistent registration auth and crashes
Key: ASTERISK-29908
URL: https://issues.asterisk.org/jira/browse/ASTERISK-29908
Project: Asterisk
Issue Type: Bug
Security Level: None
Components: Resources/res_pjsip, Resources/res_pjsip_outbound_registration
Affects Versions: 18.9.0
Reporter: N A
Severity: Major
Asterisk crashes when an invalid pjsip config is added.
Adding the following pjsip config, then running pjsip reload, causes Asterisk to crash:
[reg_test]
type = registration
retry_interval = 20
max_retries = 10
contact_user = test
expiration = 120
transport = transport-udp
outbound_auth = auth_SOMETHING-THAT-DOESNT-EXIST
client_uri = sip:something at something:PORT
server_uri = sip:something at something:PORT
[auth_test]
type = auth
password = test
username = test
If the referenced auth doesn't exist, Asterisk crashes.
If it exists, then no issue.
Expected behavior: PJSIP spits out a warning, but Asterisk does not crash ;)
Backtrace of thread 1:
Thread 1 (Thread 0x7f1eb43c9700 (LWP 3061921)):
#0 __GI_raise (sig=sig at entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
set = {__val = {134238211, 139770454382278, 3978702925205438464, 139769913050784, 139769913050885, 139769913050784, 139769913050784, 139769913050893, 139769913051084, 139769913050784, 139769913051084, 0, 0, 0, 0, 0}}
pid = <optimized out>
tid = <optimized out>
#1 0x00007f1ed8431537 in __GI_abort () at abort.c:79
save_stage = 1
act = {__sigaction_handler = {sa_handler = 0x7f1eb801bd70, sa_sigaction = 0x7f1eb801bd70}, sa_mask = {__val = {0, 0, 109, 0, 0, 0, 21474836480, 94548822130008, 139769849611408, 139770455514064, 139770455499048, 0, 11911056802091368448, 139770455482328, 139770469404672, 139770455499048}}, sa_flags = -652552808, sa_restorer = 0x20b}
sigs = {__val = {32, 0 <repeats 15 times>}}
#2 0x00007f1ed843140f in __assert_fail_base (fmt=0x7f1ed859a128 "%s%s%s:%u: %s%sAssertion `%s' failed.n%n", assertion=0x7f1ed91ad68e "sess && sess->endpt", file=0x7f1ed91ad598 "../src/pjsip/sip_auth_client.c", line=523, function=<optimized out>) at assert.c:92
str = 0x7f1eb801bd70 ""
total = 4096
#3 0x00007f1ed8440662 in __GI___assert_fail (assertion=0x7f1ed91ad68e "sess && sess->endpt", file=0x7f1ed91ad598 "../src/pjsip/sip_auth_client.c", line=523, function=0x7f1ed91ad9b0 <__PRETTY_FUNCTION__.7> "pjsip_auth_clt_deinit") at assert.c:101
#4 0x00007f1ed90e87e0 in pjsip_auth_clt_deinit (sess=0x7f1eb43c86c0) at ../src/pjsip/sip_auth_client.c:523
auth = 0x1b804bbd0
__PRETTY_FUNCTION__ = "pjsip_auth_clt_deinit"
#5 0x00007f1eb5339c37 in digest_create_request_with_auth (auth_ids_vector=0x55fddcb8a2c0, challenge=0x7f1eb82b4568, old_request=0x7f1eb801cc18, new_request=0x7f1eb43c8840) at res_pjsip_outbound_authenticator_digest.c:567
auth_sess = {pool = 0x0, endpt = 0x0, pref = {initial_auth = 0, algorithm = {ptr = 0x0, slen = 0}}, cred_cnt = 0, cred_info = 0x0, cached_auth = {prev = 0x0, next = 0x0, pool = 0x0, realm = {ptr = 0x0, slen = 0}, is_proxy = 0, qop_value = PJSIP_AUTH_QOP_NONE, stale_cnt = 0, nc = 0, cnonce = {ptr = 0x0, slen = 0}, last_chal = 0x0}}
cseq = 0x7f1ed903e998
status = 32542
auth_objects_vector = {elems = 0x7f1eb804bbd0, max = 1, current = 0}
auth_object_count = 0
endpoint = 0x7f1eb8003368
id = 0x7f1eb43c8620 "REDACTED:REDACTED"
id_type = 0x7f1eb533a3b0 "Host"
realms = 0x0
dlg = 0x0
res = -1
__PRETTY_FUNCTION__ = "digest_create_request_with_auth"
__FUNCTION__ = "digest_create_request_with_auth"
#6 0x00007f1eb53863b5 in ast_sip_create_request_with_auth (auths=0x55fddcb8a2c0, challenge=0x7f1eb82b4568, old_request=0x7f1eb801cc18, new_request=0x7f1eb43c8840) at res_pjsip.c:3456
__FUNCTION__ = "ast_sip_create_request_with_auth"
#7 0x00007f1eb5320002 in handle_registration_response (data=0x7f1eb8048240) at res_pjsip_outbound_registration.c:1090
res = 22013
cseq_hdr = 0x7f1eb43c8cb0
tdata = 0x7f1eb8047c18
response = 0x7f1eb8048240
info = {server_uri = {ptr = 0x7f1eb8003d08 "sip:REDACTED at REDACTED:REDACTED", slen = 37}, client_uri = {ptr = 0x7f1eb8003e18 "sip:REDACTED at REDACTED:REDACTED", slen = 37}, is_busy = 0, auto_reg = 0, interval = 4294967295, next_reg = 0, transport = 0x55fddcdd30b8}
server_uri = "sip:REDACTED at REDACTED:REDACTED", '000' <repeats 11 times>, "370!)270000000000000350061000270036177000000000213<264036177000000003000000000000000000000Њ<264036177", '000' <repeats 12 times>, "002000000000000000{/I330036177000000O213355264036177000000000000(324r223L245001", '000' <repeats 17 times>, "002000000000000000000020000000000000000000O213355264036177000000000000(324r223L245000340a", '000' <repeats 13 times>, "`213<264036177000000N"...
client_uri = "sip:REDACTED at REDACTED:REDACTED000000000/246031331036177000000030|004270036177000000ptI334375U000000360210<264036177000000226267031331036177000000f32-80fd5416250b200211<264036177000000x211<264036177000000000211<264036177000000331&030331036177000000000211<264036177000000320t030331036177000000001000000000000000000000002000000000000000000000002", '000' <repeats 15 times>, "j310373VE(003B000000000000000000000000066062065060b000000000"...
__PRETTY_FUNCTION__ = "handle_registration_response"
__FUNCTION__ = "handle_registration_response"
#8 0x000055fddac1502a in ast_taskprocessor_execute (tps=0x55fddcb8a370) at taskprocessor.c:1237
local = {local_data = 0x7f1eb4ed8b4f, data = 0x55fddac1fd45 <ast_threadstorage_set_ptr+60>}
t = 0x7f1eb804a170
size = 1
__PRETTY_FUNCTION__ = "ast_taskprocessor_execute"
#9 0x000055fddac22a1e in execute_tasks (data=0x55fddcb8a370) at threadpool.c:1354
tps = 0x55fddcb8a370
#10 0x000055fddac1502a in ast_taskprocessor_execute (tps=0x55fddc494cb0) at taskprocessor.c:1237
local = {local_data = 0x7f1eb43c8d60, data = 0x55fddc494b18}
t = 0x7f1eb804a140
size = 3023867312
__PRETTY_FUNCTION__ = "ast_taskprocessor_execute"
#11 0x000055fddac20583 in threadpool_execute (pool=0x55fddc494b30) at threadpool.c:367
__PRETTY_FUNCTION__ = "threadpool_execute"
#12 0x000055fddac221b4 in worker_active (worker=0x7f1ec8001180) at threadpool.c:1137
alive = 0
#13 0x000055fddac21f25 in worker_start (arg=0x7f1ec8001180) at threadpool.c:1056
worker = 0x7f1ec8001180
saved_state = (ZOMBIE | unknown: 0x55fc)
__PRETTY_FUNCTION__ = "worker_start"
#14 0x000055fddac2e535 in dummy_start (data=0x55fddc9ade20) at utils.c:1572
__cancel_buf = {__cancel_jmp_buf = {{__cancel_jmp_buf = {0, -7867487808718471600, 139769861213006, 139769861213007, 139769849614208, 516096, -7867487808827523504, -4100584114122490288}, __mask_was_saved = 0}}, __pad = {0x7f1eb43c8ed0, 0x0, 0x0, 0x0}}
__cancel_routine = 0x55fddaa8336d <ast_unregister_thread>
__cancel_arg = 0x7f1eb43c9700
__not_first_call = 0
ret = 0x0
a = {start_routine = 0x55fddac21e8f <worker_start>, data = 0x7f1ec8001180, name = 0x7f1ec8001290 "worker_start started at [ 1111] threadpool.c worker_thread_start()"}
__PRETTY_FUNCTION__ = "dummy_start"
#15 0x00007f1ed88deea7 in start_thread (arg=<optimized out>) at pthread_create.c:477
ret = <optimized out>
pd = <optimized out>
unwind_buf = {cancel_jmp_buf = {{jmp_buf = {139769849616128, 7848782376321580624, 139769861213006, 139769861213007, 139769849614208, 516096, -7867487808720568752, -7867286178244559280}, mask_was_saved = 0}}, priv = {pad = {0x0, 0x0, 0x0, 0x0}, data = {prev = 0x0, cleanup = 0x0, canceltype = 0}}}
not_first_call = 0
#16 0x00007f1ed8509def in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95
--
This message was sent by Atlassian JIRA
(v6.2#6252)
More information about the asterisk-bugs
mailing list