[asterisk-dev] [Code Review] 3055: pbx.c: put copy of ast_exten.data on stack to prevent memory corruption
Scott Griepentrog
reviewboard at asterisk.org
Tue Dec 10 13:39:37 CST 2013
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviewboard.asterisk.org/r/3055/
-----------------------------------------------------------
(Updated Dec. 10, 2013, 1:39 p.m.)
Review request for Asterisk Developers and Matt Jordan.
Changes
-------
Reworked to put copy of e->data on stack while locked to prevent reference after free during reload
Summary (updated)
-----------------
pbx.c: put copy of ast_exten.data on stack to prevent memory corruption
Bugs: AST-1179 and AST-1246
https://issues.asterisk.org/jira/browse/AST-1179
https://issues.asterisk.org/jira/browse/AST-1246
Repository: Asterisk
Description (updated)
-------
During dialplan execution in pbx_extension_helper(), the contexts global read lock is used prevent changes to the dialplan. This patch puts a copy of exten->data on the stack so that can be referenced safely during variable substitution (expression evaluation) even if another thread is reloading dialplan and has deleted ast_exten.
Diffs (updated)
-----
/branches/1.8/main/pbx.c 403615
Diff: https://reviewboard.asterisk.org/r/3055/diff/
Testing
-------
Testsuite test 'dialplan_stress' (https://reviewboard.asterisk.org/r/3056/) created to isolate this problem and test this fix.
Thanks,
Scott Griepentrog
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-dev/attachments/20131210/e37066f0/attachment.html>
More information about the asterisk-dev
mailing list