| Summary: | ASTERISK-03817: Asterisk crashes after find_callno() failure | ||
| Reporter: | Wojtek Kaniewski (wojtekka) | Labels: | |
| Date Opened: | 2005-03-31 05:38:32.000-0600 | Date Closed: | 2008-01-15 15:29:35.000-0600 |
| Priority: | Critical | Regression? | No |
| Status: | Closed/Complete | Components: | Core/General |
| Versions: | Frequency of Occurrence | ||
| Related Issues: | |||
| Environment: | Attachments: | ( 0) chan_iax2.patch | |
| Description: | I randomly encounter crashes when starting Asterisk while iaxComm is running. Asterisk reports that find_callno() failed with ,,No more space'' and then segfaults. Unfortunately I'm unable to provide backtrace, because Asterisk is running on an embedded system with little debugging possibilities, but I found return value inconsistency in find_callno() from chan_iax2.c. At line 1057 it returns -1 whereas all other failures return 0, so error checking of (!result) sometimes fails and causes negative array index dereference. The attached patch solves the problem and adds one missing return value check around line 6135. As the changes are trivial, is it really necessary to send a signed disclaimer to Digium in this case? Anyone who already has access to CVS can fix the code without even looking at the attached patch. | ||
| Comments: | By: Mark Spencer (markster) 2005-03-31 13:36:42.000-0600 No disclaimer necessary for such a small patch, but thank you for your contribution anyway! By: Russell Bryant (russell) 2005-03-31 22:54:52.000-0600 fixed in 1.0 By: Digium Subversion (svnbot) 2008-01-15 15:29:35.000-0600 Repository: asterisk Revision: 5323 U trunk/channels/chan_iax2.c ------------------------------------------------------------------------ r5323 | markster | 2008-01-15 15:29:35 -0600 (Tue, 15 Jan 2008) | 2 lines Fix IAX2 out of memory failure (bug ASTERISK-3817) ------------------------------------------------------------------------ http://svn.digium.com/view/asterisk?view=rev&revision=5323 | ||