| Summary: | ASTERISK-10129: Nonexistent extension makes crash asterisk | ||
| Reporter: | maxper (maxper) | Labels: | |
| Date Opened: | 2007-08-21 03:17:44 | Date Closed: | 2007-08-21 10:05:45 |
| Priority: | Critical | Regression? | No |
| Status: | Closed/Complete | Components: | Channels/chan_mgcp |
| Versions: | Frequency of Occurrence | ||
| Related Issues: | |||
| Environment: | Attachments: | ||
| Description: | Asterisk any version (tested on 1.4.8 and 1.4.9, should be on others too). Phones that we used to reproduce the bug: Swissvoice IP10S. When I dial any extension that is invalid asterisk sends the busy signal, and that's right. As soon I digit, after the busy signal any other key on the phone, asterisk segfaults at line 3244 of chan_mgcp.c It seems that the system, on the second part of the if condition (sub->owner->_state >= AST_STATE_UP) has the sub->owner struct member pointing to an invalid location for some reason. As a solution that seems to work and that doesn't show and collateral effects, I patched the file (patch in additional information). To reproduce the bug, just add a phone to mgcp.conf, point it to a context and add an extension to that context. As soon as you digit something that is NOT that extension it gives busy and, after that, it crashes. Hope it helps Massimiliano Perantoni ****** ADDITIONAL INFORMATION ****** 3244c3244 < if (sub && (sub->owner->_state >= AST_STATE_UP)) { --- > if (sub && sub->owner && (sub->owner->_state >= AST_STATE_UP)) { | ||
| Comments: | By: Digium Subversion (svnbot) 2007-08-21 10:04:33 Repository: asterisk Revision: 80132 ------------------------------------------------------------------------ r80132 | russell | 2007-08-21 10:04:32 -0500 (Tue, 21 Aug 2007) | 3 lines Don't try to dereference the owner channel when it may not exist (issue ASTERISK-10129, maxper) ------------------------------------------------------------------------ By: Digium Subversion (svnbot) 2007-08-21 10:05:13 Repository: asterisk Revision: 80133 ------------------------------------------------------------------------ r80133 | russell | 2007-08-21 10:05:13 -0500 (Tue, 21 Aug 2007) | 11 lines Merged revisions 80132 via svnmerge from https://origsvn.digium.com/svn/asterisk/branches/1.4 ........ r80132 | russell | 2007-08-21 10:22:22 -0500 (Tue, 21 Aug 2007) | 3 lines Don't try to dereference the owner channel when it may not exist (issue ASTERISK-10129, maxper) ........ ------------------------------------------------------------------------ | ||