Summary: ASTERISK-19899: Confbridge user number announcement segfaults for number > 2
Reporter: Florian Gilcher (skade)
Labels: Regression
Date Opened: 2012-05-22 17:34:16
Date Closed: 2012-05-24 08:36:52
Versions: 10.4.0
Frequency of
must be completed before resolving ASTERISK-19902 Asterisk 10.5.0 Blockers
is caused by ASTERISK-19188 asterisk crashes if there no confbridge-join file
Environment: Gentoo
Attachments: ( 0) asterisk-19899.diff
Description: Asterisk 10.4.0 ConfBridge segfaults when announcing more than 2 users.

This error is introduced by ASTERISK-19188, which does not handle the case where the filename is NULL in play_sound_helper and passes the filename to ast_fileexists unchecked.


#0  0x00007f05b0f0cb52 in strlen () from /lib64/libc.so.6
#1  0x00000000004bfc09 in ast_fileexists (filename=0x0, fmt=0x0, preflang=0x57118f "") at file.c:988
#2  0x00007f05a9b91d1a in play_sound_helper (conference_bridge=0x146e8e8, filename=0x0, say_number=2) at app_confbridge.c:1147
#3  0x00007f05a9b92132 in play_sound_number (say_number=<optimized out>, conference_bridge=<optimized out>) at app_confbridge.c:1205
#4  announce_user_count (conference_bridge=0x146e8e8, conference_bridge_user=0x0) at app_confbridge.c:615
#5  0x00007f05a9b9423f in post_join_unmarked (conference_bridge_user=<optimized out>, conference_bridge=<optimized out>) at app_confbridge.c:847
#6  join_conference_bridge (conference_bridge_user=<optimized out>, name=0x7f0594d0c260 "1234") at app_confbridge.c:1004
#7  confbridge_exec (chan=0x1512fe8, data=<optimized out>) at app_confbridge.c:1421
#8  0x0000000000500aeb in pbx_exec (c=0x1512fe8, app=0x130c3a0, data=0x7f0594d12770 "1234") at pbx.c:1551
#9  0x000000000050e480 in pbx_extension_helper (c=0x1512fe8, con=<optimized out>, context=0x15138b8 "default", exten=0x1513908 "5000",
   priority=<optimized out>, label=<optimized out>, callerid=0x14a2b00 "7591FA62-4C40-5A68-8D93-7685BDDD7BF6", action=E_SPAWN, found=0x7f0594d14dec,
   combined_find_spawn=1) at pbx.c:4390
#10 0x0000000000510f75 in ast_spawn_extension (found=<optimized out>, callerid=<optimized out>, priority=<optimized out>, exten=<optimized out>,
   context=<optimized out>, c=<optimized out>, combined_find_spawn=<optimized out>) at pbx.c:5053
#11 __ast_pbx_run (c=0x1512fe8, args=<optimized out>) at pbx.c:5146
#12 0x00000000005128ab in pbx_thread (data=0x0) at pbx.c:5486
#13 0x000000000055330b in dummy_start (data=<optimized out>) at utils.c:1010
#14 0x00007f05afff98c4 in start_thread () from /lib64/libpthread.so.0
#15 0x00007f05b0f611dd in clone () from /lib64/libc.so.6
Comments:

By: Matt Jordan (mjordan) 2012-05-23 07:34:55.504-0500


I've attached a patch (asterisk-19899.diff) that I believe will resolve this issue.  Could you please test it and confirm?



By: Florian Gilcher (skade) 2012-05-24 07:44:09.924-0500

I tested the patch and can confirm that it works. I can connect to the conference and it reads all text correctly.
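
Added example, not part of the ticket and not the contents of asterisk-19899.diff: a minimal C model of the failure mode in the description, where the number-announcement path reaches the helper with filename == NULL. fileexists_stub, play_sound_decide, the play_result values, the "sample-prompt" name and the say_number >= 0 convention are assumptions made for illustration.

```c
#include <stddef.h>
#include <string.h>

/* Hypothetical stand-in for ast_fileexists(): as in frames #0/#1 of the
 * backtrace, it calls strlen() on the name, so NULL must never reach it. */
static int fileexists_stub(const char *filename)
{
    static const char *const known[] = { "confbridge-join", "sample-prompt" }; /* constructed */
    size_t i;

    if (strlen(filename) == 0)
        return 0;
    for (i = 0; i < sizeof(known) / sizeof(known[0]); i++)
        if (strcmp(filename, known[i]) == 0)
            return 1;
    return 0;
}

enum play_result { PLAY_FILE, PLAY_NUMBER, PLAY_SKIPPED_MISSING, PLAY_NOTHING };

/* Hypothetical model of the helper's decision. A caller passes either a sound
 * file name or, for a user-count announcement, filename == NULL plus a number. */
enum play_result play_sound_decide(const char *filename, int say_number)
{
    /* Guard: consult the file lookup only when a name was actually given. */
    if (filename != NULL && filename[0] != '\0') {
        if (!fileexists_stub(filename))
            return PLAY_SKIPPED_MISSING; /* missing file is skipped, not played */
        return PLAY_FILE;
    }
    if (say_number >= 0)
        return PLAY_NUMBER; /* number path never touches the file lookup */
    return PLAY_NOTHING;
}

int main(void)
{
    /* Arguments from frame #2 of the backtrace: filename=0x0, say_number=2. */
    return play_sound_decide(NULL, 2) == PLAY_NUMBER ? 0 : 1;
}
```

Without the NULL test at the top of play_sound_decide, the first call in main would pass NULL to strlen() exactly as in the reported backtrace.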