[asterisk-bugs] [JIRA] (ASTERISK-29908) pjsip: Asterisk asserts on nonexistent registration auth and crashes

Joshua C. Colp (JIRA) noreply at issues.asterisk.org
Wed Feb 9 04:07:07 CST 2022


     [ https://issues.asterisk.org/jira/browse/ASTERISK-29908?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Joshua C. Colp closed ASTERISK-29908.
-------------------------------------

    Resolution: Duplicate

> pjsip: Asterisk asserts on nonexistent registration auth and crashes
> --------------------------------------------------------------------
>
>                 Key: ASTERISK-29908
>                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-29908
>             Project: Asterisk
>          Issue Type: Bug
>      Security Level: None
>          Components: Resources/res_pjsip, Resources/res_pjsip_outbound_registration
>    Affects Versions: 18.9.0
>            Reporter: N A
>            Severity: Major
>
> Asterisk crashes when an invalid pjsip config is added.
> Adding the following pjsip config, then running pjsip reload, causes Asterisk to crash:
>
> [reg_test]
> type = registration
> retry_interval = 20
> max_retries = 10
> contact_user = test
> expiration = 120
> transport = transport-udp
> outbound_auth = auth_SOMETHING-THAT-DOESNT-EXIST
> client_uri = sip:something@something:PORT
> server_uri = sip:something@something:PORT
>
> [auth_test]
> type = auth
> password = test
> username = test
>
> If the referenced auth doesn't exist, Asterisk crashes.
> If it exists, then no issue.
> Expected behavior: PJSIP spits out a warning, but Asterisk does not crash ;)
>
> Backtrace of thread 1:
> Thread 1 (Thread 0x7f1eb43c9700 (LWP 3061921)):
> #0  __GI_raise (sig=sig at entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
>         set = {__val = {134238211, 139770454382278, 3978702925205438464, 139769913050784, 139769913050885, 139769913050784, 139769913050784, 139769913050893, 139769913051084, 139769913050784, 139769913051084, 0, 0, 0, 0, 0}}
>         pid = <optimized out>
>         tid = <optimized out>
> #1  0x00007f1ed8431537 in __GI_abort () at abort.c:79
>         save_stage = 1
>         act = {__sigaction_handler = {sa_handler = 0x7f1eb801bd70, sa_sigaction = 0x7f1eb801bd70}, sa_mask = {__val = {0, 0, 109, 0, 0, 0, 21474836480, 94548822130008, 139769849611408, 139770455514064, 139770455499048, 0, 11911056802091368448, 139770455482328, 139770469404672, 139770455499048}}, sa_flags = -652552808, sa_restorer = 0x20b}
>         sigs = {__val = {32, 0 <repeats 15 times>}}
> #2  0x00007f1ed843140f in __assert_fail_base (fmt=0x7f1ed859a128 "%s%s%s:%u: %s%sAssertion `%s' failed.n%n", assertion=0x7f1ed91ad68e "sess && sess->endpt", file=0x7f1ed91ad598 "../src/pjsip/sip_auth_client.c", line=523, function=<optimized out>) at assert.c:92
>         str = 0x7f1eb801bd70 ""
>         total = 4096
> #3  0x00007f1ed8440662 in __GI___assert_fail (assertion=0x7f1ed91ad68e "sess && sess->endpt", file=0x7f1ed91ad598 "../src/pjsip/sip_auth_client.c", line=523, function=0x7f1ed91ad9b0 <__PRETTY_FUNCTION__.7> "pjsip_auth_clt_deinit") at assert.c:101
> #4  0x00007f1ed90e87e0 in pjsip_auth_clt_deinit (sess=0x7f1eb43c86c0) at ../src/pjsip/sip_auth_client.c:523
>         auth = 0x1b804bbd0
>         __PRETTY_FUNCTION__ = "pjsip_auth_clt_deinit"
> #5  0x00007f1eb5339c37 in digest_create_request_with_auth (auth_ids_vector=0x55fddcb8a2c0, challenge=0x7f1eb82b4568, old_request=0x7f1eb801cc18, new_request=0x7f1eb43c8840) at res_pjsip_outbound_authenticator_digest.c:567
>         auth_sess = {pool = 0x0, endpt = 0x0, pref = {initial_auth = 0, algorithm = {ptr = 0x0, slen = 0}}, cred_cnt = 0, cred_info = 0x0, cached_auth = {prev = 0x0, next = 0x0, pool = 0x0, realm = {ptr = 0x0, slen = 0}, is_proxy = 0, qop_value = PJSIP_AUTH_QOP_NONE, stale_cnt = 0, nc = 0, cnonce = {ptr = 0x0, slen = 0}, last_chal = 0x0}}
>         cseq = 0x7f1ed903e998
>         status = 32542
>         auth_objects_vector = {elems = 0x7f1eb804bbd0, max = 1, current = 0}
>         auth_object_count = 0
>         endpoint = 0x7f1eb8003368
>         id = 0x7f1eb43c8620 "REDACTED:REDACTED"
>         id_type = 0x7f1eb533a3b0 "Host"
>         realms = 0x0
>         dlg = 0x0
>         res = -1
>         __PRETTY_FUNCTION__ = "digest_create_request_with_auth"
>         __FUNCTION__ = "digest_create_request_with_auth"
> #6  0x00007f1eb53863b5 in ast_sip_create_request_with_auth (auths=0x55fddcb8a2c0, challenge=0x7f1eb82b4568, old_request=0x7f1eb801cc18, new_request=0x7f1eb43c8840) at res_pjsip.c:3456
>         __FUNCTION__ = "ast_sip_create_request_with_auth"
> #7  0x00007f1eb5320002 in handle_registration_response (data=0x7f1eb8048240) at res_pjsip_outbound_registration.c:1090
>         res = 22013
>         cseq_hdr = 0x7f1eb43c8cb0
>         tdata = 0x7f1eb8047c18
>         response = 0x7f1eb8048240
>         info = {server_uri = {ptr = 0x7f1eb8003d08 "sip:REDACTED at REDACTED:REDACTED", slen = 37}, client_uri = {ptr = 0x7f1eb8003e18 "sip:REDACTED at REDACTED:REDACTED", slen = 37}, is_busy = 0, auto_reg = 0, interval = 4294967295, next_reg = 0, transport = 0x55fddcdd30b8}
>         server_uri = "sip:REDACTED at REDACTED:REDACTED", '000' <repeats 11 times>, "370!)270000000000000350061000270036177000000000213<264036177000000003000000000000000000000Њ<264036177", '000' <repeats 12 times>, "002000000000000000{/I330036177000000O213355264036177000000000000(324r223L245001", '000' <repeats 17 times>, "002000000000000000000020000000000000000000O213355264036177000000000000(324r223L245000340a", '000' <repeats 13 times>, "`213<264036177000000N"...
>         client_uri = "sip:REDACTED at REDACTED:REDACTED000000000/246031331036177000000030|004270036177000000ptI334375U000000360210<264036177000000226267031331036177000000f32-80fd5416250b200211<264036177000000x211<264036177000000000211<264036177000000331&030331036177000000000211<264036177000000320t030331036177000000001000000000000000000000002000000000000000000000002", '000' <repeats 15 times>, "j310373VE(003B000000000000000000000000066062065060b000000000"...
>         __PRETTY_FUNCTION__ = "handle_registration_response"
>         __FUNCTION__ = "handle_registration_response"
> #8  0x000055fddac1502a in ast_taskprocessor_execute (tps=0x55fddcb8a370) at taskprocessor.c:1237
>         local = {local_data = 0x7f1eb4ed8b4f, data = 0x55fddac1fd45 <ast_threadstorage_set_ptr+60>}
>         t = 0x7f1eb804a170
>         size = 1
>         __PRETTY_FUNCTION__ = "ast_taskprocessor_execute"
> #9  0x000055fddac22a1e in execute_tasks (data=0x55fddcb8a370) at threadpool.c:1354
>         tps = 0x55fddcb8a370
> #10 0x000055fddac1502a in ast_taskprocessor_execute (tps=0x55fddc494cb0) at taskprocessor.c:1237
>         local = {local_data = 0x7f1eb43c8d60, data = 0x55fddc494b18}
>         t = 0x7f1eb804a140
>         size = 3023867312
>         __PRETTY_FUNCTION__ = "ast_taskprocessor_execute"
> #11 0x000055fddac20583 in threadpool_execute (pool=0x55fddc494b30) at threadpool.c:367
>         __PRETTY_FUNCTION__ = "threadpool_execute"
> #12 0x000055fddac221b4 in worker_active (worker=0x7f1ec8001180) at threadpool.c:1137
>         alive = 0
> #13 0x000055fddac21f25 in worker_start (arg=0x7f1ec8001180) at threadpool.c:1056
>         worker = 0x7f1ec8001180
>         saved_state = (ZOMBIE | unknown: 0x55fc)
>         __PRETTY_FUNCTION__ = "worker_start"
> #14 0x000055fddac2e535 in dummy_start (data=0x55fddc9ade20) at utils.c:1572
>         __cancel_buf = {__cancel_jmp_buf = {{__cancel_jmp_buf = {0, -7867487808718471600, 139769861213006, 139769861213007, 139769849614208, 516096, -7867487808827523504, -4100584114122490288}, __mask_was_saved = 0}}, __pad = {0x7f1eb43c8ed0, 0x0, 0x0, 0x0}}
>         __cancel_routine = 0x55fddaa8336d <ast_unregister_thread>
>         __cancel_arg = 0x7f1eb43c9700
>         __not_first_call = 0
>         ret = 0x0
>         a = {start_routine = 0x55fddac21e8f <worker_start>, data = 0x7f1ec8001180, name = 0x7f1ec8001290 "worker_start         started at [ 1111] threadpool.c worker_thread_start()"}
>         __PRETTY_FUNCTION__ = "dummy_start"
> #15 0x00007f1ed88deea7 in start_thread (arg=<optimized out>) at pthread_create.c:477
>         ret = <optimized out>
>         pd = <optimized out>
>         unwind_buf = {cancel_jmp_buf = {{jmp_buf = {139769849616128, 7848782376321580624, 139769861213006, 139769861213007, 139769849614208, 516096, -7867487808720568752, -7867286178244559280}, mask_was_saved = 0}}, priv = {pad = {0x0, 0x0, 0x0, 0x0}, data = {prev = 0x0, cleanup = 0x0, canceltype = 0}}}
>         not_first_call = 0
> #16 0x00007f1ed8509def in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95



--
This message was sent by Atlassian JIRA
(v6.2#6252)
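
An added example, not part of the original message and not Asterisk project code: a check to run before "pjsip reload" that flags any section whose outbound_auth names a section not defined with type = auth, which is the condition the report above describes. The function names are hypothetical; it assumes outbound_auth may hold a comma-separated list and it does not resolve template inheritance, so an auth section that inherits its type from a template would be reported as missing.

```python
import re

# Constructed sample mirroring the report: reg_test points at an auth section
# that is never defined, while auth_test exists but is not the one referenced.
SAMPLE = """\
[reg_test]
type = registration
outbound_auth = auth_SOMETHING-THAT-DOESNT-EXIST
client_uri = sip:something@something:PORT
server_uri = sip:something@something:PORT
[auth_test]
type = auth
username = test
password = test
"""

# Matches "[name]" and ignores a trailing "(!)" or "(template)" suffix.
SECTION = re.compile(r"^\[([^\]]+)\]")

def parse_sections(text):
    """Return {section: {option: [values]}} for pjsip.conf-style text."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].strip()   # drop ';' line comments
        if not line:
            continue
        m = SECTION.match(line)
        if m:
            current = sections.setdefault(m.group(1).strip(), {})
        elif current is not None and "=" in line:
            key, value = line.split("=", 1)   # accepts both '=' and '=>'
            current.setdefault(key.strip(), []).append(value.lstrip(">").strip())
    return sections

def dangling_outbound_auth(text):
    """List (section, missing_auth) pairs whose outbound_auth has no auth section."""
    sections = parse_sections(text)
    auths = {n for n, o in sections.items() if "auth" in o.get("type", [])}
    missing = []
    for name, opts in sections.items():
        for value in opts.get("outbound_auth", []):
            for ref in filter(None, (r.strip() for r in value.split(","))):
                if ref not in auths:
                    missing.append((name, ref))
    return missing

if __name__ == "__main__":
    for section, ref in dangling_outbound_auth(SAMPLE):
        print(f"[{section}] outbound_auth references missing auth section '{ref}'")
```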