No subject


Fri Sep 2 03:59:05 CDT 2011


event), because res = pri->read_func(.....) is returning res as 1026,
which means that the event will overflow the buffer, which is leading to
this crash.
Further investigation revealed that read() from the card's driver (Digium)
is returning 1024 bytes as the read number of bytes (and the application
adds 2).

I was able to avoid this crash by making the size of the buffer 1027 but
passing 1024 as the number of bytes to read to pri->read_func. However,
this doesn't look like the correct solution. Can someone please tell me
what's happening here? (Is it because of a driver issue, or a faulty
message from the PRI?)


#0  0xb7869424 in __kernel_vsyscall ()
No symbol table info available.
#1  0xb74b5c8f in raise () from /lib/i386-linux-gnu/libc.so.6
No symbol table info available.
#2  0xb74b92b5 in abort () from /lib/i386-linux-gnu/libc.so.6
No symbol table info available.
#3  0xb74ed15c in ?? () from /lib/i386-linux-gnu/libc.so.6
No symbol table info available.
#4  0xb7570c75 in __fortify_fail () from /lib/i386-linux-gnu/libc.so.6
No symbol table info available.
#5  0xb7570c27 in __stack_chk_fail () from /lib/i386-linux-gnu/libc.so.6
No symbol table info available.
#6  0xacf82931 in __stack_chk_fail_local () from /usr/lib/libpri.so.1.4
No symbol table info available.
#7  0xacf2011a in pri_check_event (pri=0x9325860) at pri.c:760
        res = 1026
        e = 0x0

Thanks ..

I'm facing a crash in libpri.so version 1.4.12 for some time, in
pri_check_event (in pri.c line 760), and further down in libpri.so and
then in libc. The crash is:
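The length mismatch described in the message above, as an added example that is not code from libpri, the application or the original post: a read callback that reports two bytes more than the buffer it was given, a variant that reserves those two bytes up front, and a caller-side check that rejects any returned length larger than the buffer. All names (read_cb, fake_driver_read, cb_unreserved, cb_reserved, checked_read) are hypothetical, the driver is a constructed stand-in, and zeroing the two trailer bytes is an assumption.

```c
#include <string.h>

#define FRAME_BUF 1024   /* receive buffer size, as in the post */
#define TRAILER   2      /* bytes the callback adds to the driver's count */

/* Hypothetical callback type: fills buf, returns the frame length or <0. */
typedef int (*read_cb)(void *ctx, void *buf, int buflen);

/* Constructed stand-in for the driver: returns as many bytes as requested. */
static int fake_driver_read(void *ctx, void *buf, int buflen)
{
    (void)ctx;
    memset(buf, 0x7e, (size_t)buflen);
    return buflen;
}

/* Pattern from the post: read buflen bytes, then report 2 more. */
static int cb_unreserved(void *ctx, void *buf, int buflen)
{
    int res = fake_driver_read(ctx, buf, buflen);
    return res < 0 ? res : res + TRAILER;
}

/* Reserve the trailer inside the caller's buffer before reading. */
static int cb_reserved(void *ctx, void *buf, int buflen)
{
    if (buflen <= TRAILER)
        return -1;
    int res = fake_driver_read(ctx, buf, buflen - TRAILER);
    if (res < 0)
        return res;
    memset((unsigned char *)buf + res, 0, TRAILER); /* assumed zero trailer */
    return res + TRAILER;
}

/* Caller-side check: never trust a length larger than the buffer. */
static int checked_read(read_cb cb, void *ctx, void *buf, int buflen)
{
    int res = cb(ctx, buf, buflen);
    return res > buflen ? -1 : res; /* -1: claims more than buf can hold */
}

int main(void)
{
    unsigned char buf[FRAME_BUF];
    /* 1026 from the unreserved callback is rejected; the reserved one fits. */
    return !(checked_read(cb_unreserved, NULL, buf, FRAME_BUF) == -1 &&
             checked_read(cb_reserved, NULL, buf, FRAME_BUF) == FRAME_BUF);
}
```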


More information about the asterisk-dev mailing list