Summary: | ASTERISK-03605: [patch] Voicemail crash on vm_authenticate() | ||
Reporter: | Paul Cadach (pcadach) | Labels: | |
Date Opened: | 2005-02-28 10:25:53.000-0600 | Date Closed: | 2008-01-15 15:26:41.000-0600 |
Priority: | Critical | Regression? | No |
Status: | Closed/Complete | Components: | Applications/app_voicemail |
Versions: | Frequency of Occurrence | ||
Related Issues: | |||
Environment: | Attachments: | ( 0) vm-auth.diff | |
Description: | Just got coredump on authenticating stuff. Fix is easy so no patch is attached. ****** ADDITIONAL INFORMATION ****** This is trace of segfault point )vmu is NULL): (gdb) up #1 0x45d54d6c in vm_authenticate (chan=0x81a8788, mailbox=0x465f8a0c "3232200709", mailbox_size=80, res_vmu=0x465f855c, context=0x465f92b4 "default", prefix=0x465f94bc "", skipuser=0, maxlogins=3) at app_voicemail.c:4466 4466 memcpy(res_vmu, vmu, sizeof(struct ast_vm_user)); (gdb) l 4461 ast_stopstream(chan); 4462 ast_play_and_wait(chan, "vm-goodbye"); 4463 return -1; 4464 } 4465 if (!skipuser) { 4466 memcpy(res_vmu, vmu, sizeof(struct ast_vm_user)); 4467 } 4468 return 0; 4469 } 4470 (gdb) Possible solutions: change condition at line 4465 to (vmu && !skipuser) or (valid && !skipuser) - I'm not sure which fix will be correct. | ||
Comments: | By: Kevin P. Fleming (kpfleming) 2005-02-28 10:36:32.000-0600 The previous if statement already checked for 'valid' and returned from the function if it's not set, so that won't help. In my reading of the code, I don't see how it can get to the memcpy() with valid set to non-zero and vmu still NULL. By: Paul Cadach (pcadach) 2005-02-28 10:42:58.000-0600 Reproduced: just enter invalid mailbox and invalid password - Asterisk will crash. By: Paul Cadach (pcadach) 2005-02-28 11:04:09.000-0600 Addition, there is next messages on console before crash: Feb 28 22:54:46 WARNING[6868]: file.c:486 ast_openstream_full: File vm-incorrect-mailbox does not exist in any format Feb 28 22:54:46 WARNING[6868]: file.c:790 ast_streamfile: Unable to open vm-incorrect-mailbox (format unknown): No such file or directory By: Paul Cadach (pcadach) 2005-02-28 11:16:59.000-0600 Kevin's suggested patch is made, tested and attached to this ticket. Patch is for current CVS tree. By: Kevin P. Fleming (kpfleming) 2005-02-28 11:42:52.000-0600 The patch looks fine to me, and probably applies to STABLE as well. Too bad 1.0.6 was just released :-( By: Paul Cadach (pcadach) 2005-02-28 11:52:17.000-0600 There was good story for 1.0.4 ;-) By: Mark Spencer (markster) 2005-02-28 22:49:53.000-0600 Fixed in CVS head. Thanks! By: Russell Bryant (russell) 2005-03-02 16:28:45.000-0600 well, I couldn't make 1.0 crash, but the patch looks pretty harmless, so I put it in. Since there was that moh problem with SIP, we might have to do 1.0.7 here pretty soon ... By: Digium Subversion (svnbot) 2008-01-15 15:26:32.000-0600 Repository: asterisk Revision: 5109 U trunk/apps/app_voicemail.c ------------------------------------------------------------------------ r5109 | markster | 2008-01-15 15:26:31 -0600 (Tue, 15 Jan 2008) | 2 lines Fix seg in authenticate (bug ASTERISK-3605) ------------------------------------------------------------------------ http://svn.digium.com/view/asterisk?view=rev&revision=5109 By: Digium Subversion (svnbot) 2008-01-15 15:26:32.000-0600 Repository: asterisk Revision: 5110 U trunk/apps/app_voicemail.c ------------------------------------------------------------------------ r5110 | markster | 2008-01-15 15:26:32 -0600 (Tue, 15 Jan 2008) | 2 lines Add some extra checks & verbosity (bug ASTERISK-3605) ------------------------------------------------------------------------ http://svn.digium.com/view/asterisk?view=rev&revision=5110 By: Digium Subversion (svnbot) 2008-01-15 15:26:41.000-0600 Repository: asterisk Revision: 5121 U branches/v1-0/apps/app_voicemail.c ------------------------------------------------------------------------ r5121 | russell | 2008-01-15 15:26:41 -0600 (Tue, 15 Jan 2008) | 2 lines prevent crash with some extra checks while doing authentication (bug ASTERISK-3605) ------------------------------------------------------------------------ http://svn.digium.com/view/asterisk?view=rev&revision=5121 |