[Asterisk-code-review] core/briding: correct crash case when bridge relay an empty ... (asterisk[13])

Richard Mudgett asteriskteam at digium.com
Mon Oct 1 17:53:40 CDT 2018


Richard Mudgett has posted comments on this change. ( https://gerrit.asterisk.org/10269 )

Change subject: core/briding: correct crash case when bridge relay an empty text frame
......................................................................


Patch Set 2: Code-Review-1

(5 comments)

https://gerrit.asterisk.org/#/c/10269/2//COMMIT_MSG
Commit Message:

https://gerrit.asterisk.org/#/c/10269/2//COMMIT_MSG@9
PS2, Line 9: If a channel creates a AST_TEXT_FRAME with datalen == 0 and an invalid
           : dataptr, it causes a crash. The proposed fix is not to call sendtext
           : on such frames. It is not entirely transparent (it removes empty text
           : frames from the communication)
This is no longer correct


https://gerrit.asterisk.org/#/c/10269/2/main/bridge_channel.c
File main/bridge_channel.c:

https://gerrit.asterisk.org/#/c/10269/2/main/bridge_channel.c@2366
PS2, Line 2366: 		ast_channel_name(bridge_channel->chan), fr->datalen, (char *)fr->data.ptr);
undo the indention change


https://gerrit.asterisk.org/#/c/10269/2/main/frame.c
File main/frame.c:

https://gerrit.asterisk.org/#/c/10269/2/main/frame.c@263
PS2, Line 263: 		if (!fr->datalen) {
             : 			/* Actually it's just an int so we can simply copy it. */
             : 			out->data.uint32 = fr->data.uint32;
             : 			return out;
             : 		}
This also needs fixing for the same reason when we isolate the frame data buffer.

if (!fr->datalen && fr->frametype != AST_FRAME_TEXT) {
    ...
}


https://gerrit.asterisk.org/#/c/10269/2/main/frame.c@364
PS2, Line 364: 		out->data.ptr = buf + sizeof(*out) + AST_FRIENDLY_OFFSET;	
red blob


https://gerrit.asterisk.org/#/c/10269/2/main/frame.c@360
PS2, Line 360: 	if (out->datalen) {
             : 		out->data.ptr = buf + sizeof(*out) + AST_FRIENDLY_OFFSET;
             : 		memcpy(out->data.ptr, f->data.ptr, out->datalen);
             : 	} else if (f->frametype == AST_FRAME_TEXT) {
             : 		out->data.ptr = buf + sizeof(*out) + AST_FRIENDLY_OFFSET;	
             : 	} else {
             : 		out->data.uint32 = f->data.uint32;
             : 	}
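Review bot: in the `else if (f->frametype == AST_FRAME_TEXT)` branch, `out->data.ptr` is pointed into `buf` but nothing in these lines writes to that location, so a zero-length text frame carries a pointer whose first byte is whatever the buffer already held. Code that treats text frame data as a C string, such as the `(char *)fr->data.ptr` argument at main/bridge_channel.c line 2366, would then read until it happens to find a NUL. Suggest storing a terminator in this branch, for example `((char *) out->data.ptr)[0] = '\0';`, and confirming that the length used to allocate `buf` (not visible here) reserves at least one byte past `AST_FRIENDLY_OFFSET` when `datalen` is 0.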
Actually you could simplify the logic:

if (out->datalen || f->frametype == AST_FRAME_TEXT) {
   ...
} else {
   ...
}



-- 
To view, visit https://gerrit.asterisk.org/10269

Gerrit-Project: asterisk
Gerrit-Branch: 13
Gerrit-MessageType: comment
Gerrit-Change-Id: Ib882dd028598f13c4c233edbfdd7e54ad44a68e9
Gerrit-Change-Number: 10269
Gerrit-PatchSet: 2
Gerrit-Owner: Emmanuel BUU <emmanuel.buu at ives.fr>
Gerrit-Reviewer: Corey Farrell <git at cfware.com>
Gerrit-Reviewer: Jenkins2 (1000185)
Gerrit-Reviewer: Joshua Colp <jcolp at digium.com>
Gerrit-Reviewer: Kevin Harwell <kharwell at digium.com>
Gerrit-Reviewer: Richard Mudgett <rmudgett at digium.com>
Gerrit-Comment-Date: Mon, 01 Oct 2018 22:53:40 +0000
Gerrit-HasComments: Yes
Gerrit-HasLabels: Yes