[asterisk-dev] ASTERISK-26978 - rtp: Crash in ast_rtp_codecs_payload_code()
Ross Beer
ross.beer at outlook.com
Wed May 24 09:13:45 CDT 2017
Hi,
I'm trying to fix a bug within the ast_rtp_codecs_payload_code(), there are multiple crashes in the procedure.
The latest being:
#0 0x000000000051f883 in ast_format_cmp (format1=0x2bf73b8, format2=0x151) at format.c:247
This line contains:
if (format1->codec != format2->codec) {
return AST_FORMAT_CMP_NOT_EQUAL;
}
In the code before this line there are checks that 'format1' and 'format2' are not NULL however there are no checks to see if 'format1->codec' or 'format2->codec' are not NULL.
Therefore I have added the following code to check for this:
if (format1->codec == NULL || format2->codec == NULL) {
return AST_FORMAT_CMP_NOT_EQUAL;
}
The question is, should 'codec' be NULL if 'format1' and 'format2' are not NULL? Is adding the above check, the correct fix?
Kind regards,
Ross
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-dev/attachments/20170524/2487240f/attachment.html>
More information about the asterisk-dev
mailing list