Summary: | ASTERISK-08892: [patch] check for frame before duping it | ||
Reporter: | cmaj (cmaj) | Labels: | |
Date Opened: | 2007-02-26 22:37:33.000-0600 | Date Closed: | 2007-06-30 09:20:06 |
Priority: | Critical | Regression? | No |
Status: | Closed/Complete | Components: | Applications/app_chanspy |
Versions: | Frequency of Occurrence | ||
Related Issues: | |||
Environment: | Attachments: | ( 0) frame.c.do-not-dupe-null-frames.patch | |
Description: | I was trying to use ChanSpy with the 'w' whisper mode option, and I was getting core dumps after a couple of seconds of spying on a Zap channel that was listening to MusicOnHold. Attached is a patch to frame.c ast_frdup function to check for null frames. That stopped the core dumps for me. Here's the dump: #0 ast_frdup (f=0x0) at frame.c:431 431 len = sizeof(*out) + AST_FRIENDLY_OFFSET + f->datalen; (gdb) bt #0 ast_frdup (f=0x0) at frame.c:431 #1 0x080de963 in ast_slinfactory_feed (sf=0x823ea50, f=0x82491e0) at slinfactory.c:77 #2 0x0807fc84 in ast_channel_whisper_feed (chan=0x8238c80, f=0x82491e0) at channel.c:4688 #3 0xb72080e2 in channel_spy (chan=0x818d6e8, spyee=0x8238c80, volfactor=0xb6f7c2a8, fd=0, flags=0xb6f7c2f4) at app_chanspy.c:334 #4 0xb7207a15 in common_exec (chan=0x818d6e8, flags=0xb6f7c2f4, volfactor=0, fd=0, mygroup=0x0, spec=0xb6f7c2c0 "Zap", exten=0x0, context=0x0) at app_chanspy.c:531 ASTERISK-1 0xb7206fcb in chanspy_exec (chan=0x818d6e8, data=0x8246688) at app_chanspy.c:626 ASTERISK-2 0x080bcc02 in pbx_extension_helper (c=0x818d6e8, con=0x0, context=0x818d868 "bosses", exten=0x818d8b8 "601", priority=1, label=0x0, callerid=0x818e090 "5558675309", action=E_MATCHMORE) at pbx.c:505 ASTERISK-3 0x080bd821 in __ast_pbx_run (c=0x818d6e8) at pbx.c:2245 ASTERISK-4 0x080be6a1 in pbx_thread (data=0x0) at pbx.c:2556 ASTERISK-5 0x080eb419 in dummy_start (data=0x0) at utils.c:545 ASTERISK-6 0xb7fb7b63 in start_thread () from /lib/tls/libpthread.so.0 ASTERISK-7 0xb7e1f18a in clone () from /lib/tls/libc.so.6 ****** ADDITIONAL INFORMATION ****** This is a fresh download of Asterisk 1.4 tarball. | ||
Comments: | By: Serge Vecher (serge-v) 2007-02-27 10:32:50.000-0600 does this happen on 1.4 svn? I'm thinking this may have been fixed by 8434. By: cmaj (cmaj) 2007-02-27 10:49:49.000-0600 Possibly. I will wait until 1.4.1 tarball before testing tho. This is on a production server. By: Joshua C. Colp (jcolp) 2007-02-27 14:15:29.000-0600 1.4 SVN is what is going to become 1.4.1, but if you want to wait that's fine. By: cmaj (cmaj) 2007-03-02 20:20:15.000-0600 I just tried 1.4.1 and it still crashes without my patch. The patch now applies with only a little fuzz. By: Joshua C. Colp (jcolp) 2007-03-04 22:21:23.000-0600 Fixed in 1.4 as of revision 57798 and trunk as of revision 57799. Thanks! |