Summary: ASTERISK-20854: app_minivm core dump in ast_str_encode_mime
Reporter: Chris Warr (chriswarr)
Labels:
Date Opened: 2013-01-02 18:02:37.000-0600
Date Closed: 2013-01-15 09:49:54.000-0600
Versions: 10.9.0 Frequency of
is duplicated by ASTERISK-18697 [minivm] Crash in MinivmNotify
Environment: Centos 6.3
Attachments:
Description: ast_str_encode is called from sendmail if an address contains any characters that need mime-encoding.  In my case the user name was "Laura (Reception)".

It looks like when the ast_str_encode_mime function was converted to use the ast_str structure someone didn't remove a string initialisation.  The bug occurs from *end = '\0' clearing out the structure and later it's set which core dumps.

struct ast_str *tmp = ast_str_alloca(80);
int first_section = 1;
*end = '\0';                  <-- This should be deleted



  // Will core dump a functions down through here
  ast_str_append(end, maxlen, "%s%s?=%s", first_section ? "" : " ", ast_str_buffer(tmp), ast_str_strlen(tmp) + postamble > 74 ? " " : "");

This bug is still in the 11 branch, however I am using 10.9.
I've removed this line, recompiled and tested successfully.
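
An added example (not code from Asterisk or from the reporter) of the failure described above, assuming that end is a pointer to a pointer to the string structure, as the ast_str_append(end, ...) call suggests. struct dstr and its helpers are hypothetical stand-ins, and the append here checks for NULL so the program reports the clobbered handle instead of crashing.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for a dynamic string type; not Asterisk's struct ast_str. */
struct dstr {
    size_t len;
    char buf[80];
};

/* Append that refuses a NULL handle instead of dereferencing it. */
static int dstr_append(struct dstr **s, const char *text)
{
    size_t n = strlen(text);
    if (s == NULL || *s == NULL)
        return -1;                      /* handle was clobbered */
    if ((*s)->len + n >= sizeof((*s)->buf))
        return -1;                      /* text would not fit */
    memcpy((*s)->buf + (*s)->len, text, n + 1);
    (*s)->len += n;
    return 0;
}

/* Leftover from a char* version: '\0' is an integer constant 0, so C accepts
 * it as a null pointer constant and *end silently becomes NULL. */
static int encode_leftover(struct dstr **end, const char *word)
{
    *end = '\0';
    return dstr_append(end, word);
}

/* Same function with the leftover line deleted, as the report proposes. */
static int encode_fixed(struct dstr **end, const char *word)
{
    return dstr_append(end, word);
}

int main(void)
{
    struct dstr a = {0}, b = {0};
    struct dstr *pa = &a, *pb = &b;
    int ra = encode_leftover(&pa, "Laura (Reception)");   /* constructed input */
    int rb = encode_fixed(&pb, "Laura (Reception)");
    printf("leftover: rc=%d handle=%p\n", ra, (void *)pa);
    printf("fixed:    rc=%d text=%s\n", rb, pb->buf);
    return 0;
}
```

An append routine without the NULL check dereferences the cleared handle, which is where a crash of this kind would surface, some calls below the line that caused it.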

Comments:

By: Rusty Newton (rnewton) 2013-01-04 13:15:49.854-0600

Acknowledged this issue. One of the community developers working with app_minivm will need to look it over and provide a patch.

By: Matt Jordan (mjordan) 2013-01-15 08:57:01.812-0600

Comparing this to {{ast_str_encode_mime}} in {{app_voicemail}}, your analysis is correct.

The fact that we have two implementations of this method - where one of them is wrong and causes a crash - is no good. This should probably be a public function in strings.h.

By: Matt Jordan (mjordan) 2013-01-15 09:49:49.471-0600

This is actually a duplicate of ASTERISK-18697.