[Asterisk-Users] chan_iax2.c problem?

[Chamberland-Larose, Guillaume]

Hi,

I was messing around with FireFly last night and got asterisk to crash
hard. It looks like the bug is a division by zero in chan_iax2.c.
I reproduced it and here are some infos I got from gdb:

[Switching to Thread 245775 (LWP 23251)]
0x41154918 in calc_timestamp (p=0x816b710, ts=0, f=0x424eef24) at
chan_iax2.c:2896
2896                                    int diff = ms % (f->samples /
8);

(gdb) display f->samples
1: f->samples = 0

(gdb) backtrace
#0  0x41154918 in calc_timestamp (p=0x816b710, ts=0, f=0x424eef24) at
chan_iax2.c:2896
#1  0x41153119 in iax2_send (pvt=0x816b710, f=0x424eef24, ts=32,
seqno=-1, now=0, transfer=0, final=32) at chan_iax2.c:3091
#2  0x41166e17 in iax2_write (c=0x20, f=0x424eef24) at chan_iax2.c:3551
#3  0x0805cd41 in ast_write (chan=0x816bd90, fr=0x424eef24) at
channel.c:1634
#4  0x080610e3 in ast_activate_generator (chan=0x816bd90,
gen=0x407ca918,
params=0x20) at channel.c:1554
#5  0x407c725e in ast_moh_start (chan=0x0, class=0x20 <Address 0x20 out
of
bounds>) at res_musiconhold.c:598
#6  0x41804e3d in dial_exec (chan=0x816bd90, data=0x816bd90) at
app_dial.c:882
#7  0x08074a1f in pbx_exec (c=0x816bd90, app=0x8157770, data=0x424f1b24,
newstack=1) at pbx.c:469

I was calling Firefly's own extension from Firefly to test Busy() and
Playtones(busy) with Firefly. What happened was I got a socket error in
asterisk's console saying connection was refused from Firefly because
it's busy then this crash.

Simply setting diff = 0 if f->samples is 0 will prevent asterisk from
crashing but Firefly will crash to desktop instead. :s

Any ideas what this is all about?

Guills