Summary:ASTERISK-02432: Segmentation fault in chan_iax2.c
Reporter:tih (tih)Labels:
Date Opened:2004-09-19 12:39:38Date Closed:2008-01-15 15:07:52.000-0600
Versions:Frequency of
Description:This morning, Asterisk crashed on a seg fault (signal 11). It seems to have happened during the handling of an authentication challenge from the FWD IAX gateway while re-registering after it had been unreachable for a short period. The backtrace looks like this:

(gdb) where
#0  0x483bc45a in registry_rerequest (ies=0x63ffdd78, callno=2, sin=0x63fffef8)
   at ../include/asterisk/acl.h:42
#1  0x483b3d1f in socket_read (id=0x8246450, fd=13, events=1, cbdata=0x0)
   at chan_iax2.c:5707
#2  0x08051b1d in ast_io_wait (ioc=0x810f6c0, howlong=990) at io.c:267
#3  0x483ad001 in network_thread (ignore=0x0) at chan_iax2.c:6184
#4  0x4814879d in pthread_create () from /usr/lib/libpthread.so.0
(gdb) print sin1
$1 = (struct sockaddr_in *) 0x79cd2741
(gdb) print sin2
$2 = (struct sockaddr_in *) 0x0

Note that a null pointer is being dereferenced. I don't know whether the inaddrcmp() inline ought to test for nulls, or if it's the user (registry_rerequest()) that's at fault, or both.

I'm keeping the core dump, so I can dig for any needed information.
Comments:By: tih (tih) 2004-09-19 12:52:15

Hmpf! Forgot to quote my version string:

Asterisk CVS-HEAD-09/16/04-06:57:19 built by root@barsoom.hamartun.priv.no on a i386 running NetBSD

By: Mark Spencer (markster) 2004-09-19 13:17:31

Fixed in CVS

By: Digium Subversion (svnbot) 2008-01-15 15:07:52.000-0600

Repository: asterisk
Revision: 3810

U   trunk/channels/chan_iax2.c

r3810 | markster | 2008-01-15 15:07:51 -0600 (Tue, 15 Jan 2008) | 2 lines

Don't register auth against something that isn't a register (bug ASTERISK-2432)