| Summary: | ASTERISK-26264: res_pjsip: Crash when applying ACL from non-existent endpoint | ||
| Reporter: | nappsoft (nappsoft) | Labels: | |
| Date Opened: | 2016-08-03 13:51:56 | Date Closed: | 2016-09-08 09:27:48 |
| Priority: | Major | Regression? | |
| Status: | Closed/Complete | Components: | Resources/res_pjsip |
| Versions: | 13.10.0 | Frequency of Occurrence | One Time |
| Related Issues: | |||
| Environment: | Linux x86_64 musl | Attachments: | |
| Description: | Just got the following crash/backtrace with Asterisk 13.10.0/Pjsip 2.5.5:
#0 apply_endpoint_acl (endpoint=0x0, rdata=0x43a31e8) at res_pjsip/pjsip_distributor.c:625 #1 authenticate (rdata=0x43a31e8) at res_pjsip/pjsip_distributor.c:702 #2 0x00007f0fa4a40ce7 in pjsip_endpt_process_rx_data () from /usr/lib/libpjsip.so.2 #3 0x00007f0f95d7d7ec in distribute (data=0x43a31e8) at res_pjsip/pjsip_distributor.c:765 #4 0x00000000005c97fe in ast_taskprocessor_execute (tps=tps@entry=0x3ddee78) at taskprocessor.c:938 #5 0x00000000005d0800 in execute_tasks (data=0x3ddee78) at threadpool.c:1322 #6 0x00000000005c97fe in ast_taskprocessor_execute (tps=0x3a8a858) at taskprocessor.c:938 #7 0x00000000005d10b8 in threadpool_execute (pool=0x3a8afb8) at threadpool.c:351 #8 worker_active (worker=0x40e6e18) at threadpool.c:1105 #9 worker_start (arg=arg@entry=0x40e6e18) at threadpool.c:1024 #10 0x00000000005da6ca in dummy_start (data=<optimized out>) at utils.c:1235 #11 0x00007f0fb3353715 in start () from /lib/ld-musl-x86_64.so.1 #12 0x0000000000000000 in ?? () | ||
| Comments: | By: Asterisk Team (asteriskteam) 2016-08-03 13:51:57.240-0500 Thanks for creating a report! The issue has entered the triage process. That means the issue will wait in this status until a Bug Marshal has an opportunity to review the issue. Once the issue has been reviewed you will receive comments regarding the next steps towards resolution. A good first step is for you to review the [Asterisk Issue Guidelines|https://wiki.asterisk.org/wiki/display/AST/Asterisk+Issue+Guidelines] if you haven't already. The guidelines detail what is expected from an Asterisk issue report. Then, if you are submitting a patch, please review the [Patch Contribution Process|https://wiki.asterisk.org/wiki/display/AST/Patch+Contribution+Process]. By: Rusty Newton (rnewton) 2016-08-03 14:31:52.126-0500 Thank you for the crash report. However, we need more information to investigate the crash. Please provide: 1. A backtrace generated from a core dump using the instructions provided on the Asterisk wiki [1]. 2. Specific steps taken that lead to the crash. 3. All configuration information necesary to reproduce the crash. Thanks! [1]: https://wiki.asterisk.org/wiki/display/AST/Getting+a+Backtrace By: Rusty Newton (rnewton) 2016-08-03 14:32:28.613-0500 Can you post a full unoptimized backtrace as described in the above link? Thanks! By: nappsoft (nappsoft) 2016-08-03 14:58:49.586-0500 I'm sorry but as this was on an embedded (live) environment the core dump has already been deleted (as we needed to gain the space back). So there is no chance to get more information than I have right now. I'll try to get more informations if it happens again. By: Rusty Newton (rnewton) 2016-08-16 09:32:56.193-0500 This appears to be a potential security vulnerability. We've locked down the issue viewing permissions for now. Please don't post about this issue anywhere else (outside of this ticket) until we can get a fix out for it in the next minor release. | ||