Summary: | ASTERISK-26526: [UBSAN] vector.h: null pointer can be passed as argument 2 to memcpy | ||
Reporter: | Badalian Vyacheslav (slavon) | Labels: | |
Date Opened: | 2016-10-30 06:56:59 | Date Closed: | 2016-10-31 09:55:28 |
Priority: | Minor | Regression? | |
Status: | Closed/Complete | Components: | Core/AstMM |
Versions: | 13.12.1 14.1.1 GIT | Frequency of Occurrence | |
Related Issues: | |||
Environment: | Attachments: | ||
Description: | asterisk 13 git branch
{code} [Oct 30 11:53:23] WARNING[911]: asterisk:243 errReceived: Asterisk 127.0.0.1 received error: cli.c:2786:77: runtime error: null pointer passed as argument 2, which is declared to never be null {code} | ||
Comments: | By: Asterisk Team (asteriskteam) 2016-10-30 06:56:59.541-0500

Thanks for creating a report! The issue has entered the triage process. That means the issue will wait in this status until a Bug Marshal has an opportunity to review the issue. Once the issue has been reviewed you will receive comments regarding the next steps towards resolution. A good first step is for you to review the [Asterisk Issue Guidelines|https://wiki.asterisk.org/wiki/display/AST/Asterisk+Issue+Guidelines] if you haven't already. The guidelines detail what is expected from an Asterisk issue report. Then, if you are submitting a patch, please review the [Patch Contribution Process|https://wiki.asterisk.org/wiki/display/AST/Patch+Contribution+Process].

By: Corey Farrell (coreyfarrell) 2016-10-30 09:37:25.525-0500

This issue requires a backtrace to troubleshoot. Please identify the specific revision of Asterisk (commit-id) used to produce the backtrace as we will need to match line numbers from the backtrace to the code.

By: Badalian Vyacheslav (slavon) 2016-10-30 12:52:55.484-0500

You are welcome! :) Found by UBSAN!
And many others :((((

{code}
stasis_message_router.c:115:42: runtime error: null pointer passed as argument 2, which is declared to never be null
#0 0x9062d7 in route_table_add /usr/src/asterisk/main/stasis_message_router.c:115
#1 0x907d15 in stasis_message_router_add_cache_update /usr/src/asterisk/main/stasis_message_router.c:33
#2 0x5aeb99 in ast_cdr_engine_init /usr/src/asterisk/main/cdr.c:4212
#3 0x4bf230 in asterisk_daemon /usr/src/asterisk/main/asterisk.c:4596
#4 0x4be642 in main /usr/src/asterisk/main/asterisk.c:4373
#5 0x7f354371bb44 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21b44)
#6 0x433918 (/usr/sbin/asterisk+0x433918)
{code}

{code}
cli.c:2786:77: runtime error: null pointer passed as argument 2, which is declared to never be null
#0 0x63da03 in ast_cli_allow_at_shutdown /usr/src/asterisk/main/cli.c:2786
#1 0x4b09d7 in handle_stop_now /usr/src/asterisk/main/asterisk.c:2525
#2 0x6392d7 in __ast_cli_register /usr/src/asterisk/main/cli.c:2253
#3 0x63a09d in ast_cli_register /usr/src/asterisk/main/cli.c:2313
#4 0x63a0f0 in ast_cli_register_multiple /usr/src/asterisk/main/cli.c:2324
#5 0x4bf448 in asterisk_daemon /usr/src/asterisk/main/asterisk.c:4645
#6 0x4be642 in main /usr/src/asterisk/main/asterisk.c:4373
#7 0x7f354371bb44 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21b44)
#8 0x433918 (/usr/sbin/asterisk+0x433918)
{code}

{code}
root@0bfa9456f68a:/usr/src/asterisk# git log
commit 6b1c55dc9be90904363dbcf958a9fcc243c85629
Author: George Joseph <gjoseph@digium.com>
Date: Fri Oct 28 15:59:19 2016 -0600
pjproject_bundled: Fix issue where "/version.mak" wasn't found
root@0bfa9456f68a:/usr/src/asterisk# git branch
* 13
{code}

By: Corey Farrell (coreyfarrell) 2016-10-30 13:42:27.816-0500

It appears UBSAN is being tripped by {{AST_VECTOR_APPEND}} being called when {{(vec)->elems == NULL}}. This causes {{memcpy}} to be called with a NULL 2nd argument.
Note this is only a minor issue as the 3rd argument is always 0 when the 2nd argument is NULL, so memcpy won't crash.

By: Friendly Automation (friendly-automation) 2016-10-30 13:44:28.354-0500

Change 4234 had a related patch set uploaded by Corey Farrell: vector: Prevent NULL argument to memcpy. [https://gerrit.asterisk.org/4234|https://gerrit.asterisk.org/4234]

By: Friendly Automation (friendly-automation) 2016-10-30 13:46:27.286-0500

Change 4235 had a related patch set uploaded by Corey Farrell: vector: Prevent NULL argument to memcpy. [https://gerrit.asterisk.org/4235|https://gerrit.asterisk.org/4235]

By: Friendly Automation (friendly-automation) 2016-10-30 13:46:41.864-0500

Change 4236 had a related patch set uploaded by Corey Farrell: vector: Prevent NULL argument to memcpy. [https://gerrit.asterisk.org/4236|https://gerrit.asterisk.org/4236]

By: Friendly Automation (friendly-automation) 2016-10-31 09:55:29.233-0500

Change 4236 merged by zuul: vector: Prevent NULL argument to memcpy. [https://gerrit.asterisk.org/4236|https://gerrit.asterisk.org/4236]

By: Friendly Automation (friendly-automation) 2016-10-31 09:55:31.836-0500

Change 4235 merged by zuul: vector: Prevent NULL argument to memcpy. [https://gerrit.asterisk.org/4235|https://gerrit.asterisk.org/4235]

By: Friendly Automation (friendly-automation) 2016-10-31 09:59:11.425-0500

Change 4234 merged by zuul: vector: Prevent NULL argument to memcpy. [https://gerrit.asterisk.org/4234|https://gerrit.asterisk.org/4234]
|
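The pattern diagnosed in the comments above (a vector append that grows storage while its element pointer is still NULL, so memcpy receives a NULL source with size 0), shown next to a guarded form. This is an added example, not Asterisk's vector.h and not the merged patch; `int_vec`, `traced_memcpy`, `vec_append` and `count_flagged` are hypothetical names, and `traced_memcpy` counts the offending call instead of performing it.

```c
#include <stdlib.h>
#include <string.h>
/* Hypothetical growable vector; names are illustrative, not Asterisk's. */
struct int_vec {
	int *elems;          /* NULL until the first append */
	size_t max, current; /* allocated and used slots */
};
static int null_src_calls; /* calls a sanitizer would report */

/* memcpy stand-in: counts a NULL source instead of performing the call. */
static void *traced_memcpy(void *dst, const void *src, size_t n)
{
	if (src)
		return memcpy(dst, src, n);
	null_src_calls++;
	return dst;
}

/* Append value, doubling storage when full. guard == 0 reproduces the
 * reported pattern: the first grow copies from elems == NULL, size 0. */
static int vec_append(struct int_vec *v, int value, int guard)
{
	if (v->current == v->max) {
		size_t new_max = v->max ? v->max * 2 : 1;
		int *new_elems = calloc(new_max, sizeof(*new_elems));
		if (!new_elems)
			return -1;
		if (!guard || v->elems)
			traced_memcpy(new_elems, v->elems, v->current * sizeof(*new_elems));
		free(v->elems);
		v->elems = new_elems;
		v->max = new_max;
	}
	v->elems[v->current++] = value;
	return 0;
}

/* Three appends to an empty vector; returns flagged calls, -1 on error. */
static int count_flagged(int guard)
{
	struct int_vec v = { NULL, 0, 0 };
	int ok = 1;
	null_src_calls = 0;
	for (int i = 0; i < 3; i++)
		ok = ok && vec_append(&v, i, guard) == 0;
	ok = ok && v.current == 3 && v.elems[0] == 0 && v.elems[2] == 2;
	free(v.elems);
	return ok ? null_src_calls : -1;
}
```

Because glibc declares memcpy's pointer parameters nonnull, a compiler may also assume the source pointer is non-NULL after an unguarded call and drop later NULL checks on it, which is a reason to add the guard even when the size is always 0.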