Summary: ASTERISK-26484: res_pjsip_messaging: Crash when using invalid URI in MessageSend 'from' argument.
Reporter: Vinod Dharashive (vdharashive)
Labels:
Date Opened: 2016-10-19 00:56:54
Date Closed: 2017-03-22 12:37:53
Priority: Minor
Regression?:
Status: Closed/Complete
Components: Documentation Resources/res_pjsip_messaging
Versions: 14.0.2 14.1.0
Frequency of Occurrence: Constant
Related Issues:
Environment: Centos 7.2
Attachments: ( 0) backtrace.txt

Description:
Rusty's dialplan to reproduce:
{noformat}
exten = 100,1,Answer()
same = n,Set(MESSAGE(body)="Blah blah blah")
same = n,MessageSend(pjsip:BOB,"ALICE" <pjsip:ALICE@10.24.18.16>)
same = n,Hangup()
{noformat}

The second argument to MessageSend should use "sip:" and not "pjsip:".

Rusty's trace:
{noformat}
Program terminated with signal SIGSEGV, Segmentation fault.
#0  __longjmp_chk (env=0x0, val=1) at ../setjmp/longjmp.c:32
#0  __longjmp_chk (env=0x0, val=1) at ../setjmp/longjmp.c:32
No locals.
#1  0x00007f36c8a8628e in pj_throw_exception_ () from /usr/lib/libasteriskpj.so
No symbol table info available.
#2  0x00007f36c8a1cce0 in pool_callback () from /usr/lib/libasteriskpj.so
No symbol table info available.
#3  0x00007f36c8a88dec in pj_pool_allocate_find () from /usr/lib/libasteriskpj.so
No symbol table info available.
#4  0x00007f36c8a906e5 in pj_strdup () from /usr/lib/libasteriskpj.so
No symbol table info available.
#5  0x00007f3628f34f43 in update_from (tdata=0x7f3644001d38, tdata=0x7f3644001d38, from=<optimized out>) at res_pjsip_messaging.c:245
       name_addr = 0x7f3644002450
       parsed_name_addr = 0x7f364401ba10
#6  msg_send (data=0x7f36a4002610) at res_pjsip_messaging.c:627
       mdata = 0x7f36a4002610
       body = {type = 0x7f3628f35f62 "text", subtype = 0x7f3628f35f5c "plain", body_text = 0x7f36a4000ccc "\"Blah blah blah\""}
       tdata = 0x7f3644001d38
       uri = 0x0
       endpoint = 0x3aa8758
       __PRETTY_FUNCTION__ = "msg_send"
#7  0x0000000000607c1e in ast_taskprocessor_execute (tps=0x3d11db0) at taskprocessor.c:967
       local = {local_data = 0x3d11db0, data = 0x8db4b0 <current_serializer>}
       t = 0x7f36a4001340
       size = 6405926
       __PRETTY_FUNCTION__ = "ast_taskprocessor_execute"

{noformat}

Vinod's original trace:
{noformat}
#0  0x00007f9aca8045f7 in raise () from /lib64/libc.so.6
No symbol table info available.
#1  0x00007f9aca805ce8 in abort () from /lib64/libc.so.6
No symbol table info available.
#2  0x00007f9aca7fd566 in __assert_fail_base () from /lib64/libc.so.6
No symbol table info available.
#3  0x00007f9aca7fd612 in __assert_fail () from /lib64/libc.so.6
No symbol table info available.
#4  0x00007f9a8547e525 in pj_throw_exception_ () from /lib64/libpj.so.2
No symbol table info available.
#5  0x00007f9a86bb8b80 in pool_callback () from /lib64/libpjsip.so.2
No symbol table info available.
#6  0x00007f9a854814d0 in pj_pool_allocate_find () from /lib64/libpj.so.2
No symbol table info available.
#7  0x00007f9a85488fd5 in pj_strdup () from /lib64/libpj.so.2
No symbol table info available.
#8  0x00007f9a55acbf75 in update_from (tdata=0x1b47558, tdata=0x1b47558, from=<optimized out>)
   at res_pjsip_messaging.c:245
       name_addr = 0x1b47c80
       parsed_name_addr = 0x1a59940
#9  msg_send (data=0x7f9ab00019a0) at res_pjsip_messaging.c:627
       mdata = 0x7f9ab00019a0
       body = {type = 0x7f9a55acd127 "text", subtype = 0x7f9a55acd12c "plain",
         body_text = 0x7f9ab00016dc "Missed call at 18 Oct 2016 05:07:05 AM"}
       tdata = 0x1b47558
       uri = 0x0
---Type <return> to continue, or q <return> to quit---
       endpoint = 0x1cf53a8
       __PRETTY_FUNCTION__ = "msg_send"

{noformat}
Comments:

By: Asterisk Team (asteriskteam) 2016-10-19 00:56:55.089-0500

Thanks for creating a report! The issue has entered the triage process. That means the issue will wait in this status until a Bug Marshal has an opportunity to review the issue. Once the issue has been reviewed you will receive comments regarding the next steps towards resolution.

A good first step is for you to review the [Asterisk Issue Guidelines|https://wiki.asterisk.org/wiki/display/AST/Asterisk+Issue+Guidelines] if you haven't already. The guidelines detail what is expected from an Asterisk issue report.

Then, if you are submitting a patch, please review the [Patch Contribution Process|https://wiki.asterisk.org/wiki/display/AST/Patch+Contribution+Process].

By: Joshua C. Colp (jcolp) 2016-10-19 11:25:20.879-0500

Thank you for taking the time to report this bug and helping to make Asterisk better. Unfortunately, we cannot work on this bug because your description did not include enough information. Please read over the Asterisk Issue Guidelines [1] which discusses the information necessary for your issue to be resolved and the format that information needs to be in. We would be grateful if you would then provide a more complete description of the problem. At a minimum, we need:

1. The specific steps or actions you took that caused you to encounter the problem.
2. The behavior you expected and the location of documentation that led you to that expectation.
3. The behavior you actually encountered.

To demonstrate the issue in detail, please include Asterisk log files generated per the instructions on the wiki [2]. If applicable, please ensure that protocol-level trace debugging is enabled, e.g., 'sip set debug on' if the issue involves chan_sip, and configuration information such as dialplan and channel configuration.

Thanks!

[1] https://wiki.asterisk.org/wiki/display/AST/Asterisk+Issue+Guidelines

[2] https://wiki.asterisk.org/wiki/display/AST/Collecting+Debug+Information



By: Joshua C. Colp (jcolp) 2016-10-19 11:25:40.763-0500

Additionally how was PJSIP built?

By: Vinod Dharashive (vdharashive) 2016-10-19 23:42:13.893-0500

Using the pjsip bundle command of configure.

By: Joshua C. Colp (jcolp) 2016-10-20 05:35:59.864-0500

Any further details to my first post? Console log? Details about what was going on?

By: Vinod Dharashive (vdharashive) 2016-10-20 07:05:20.398-0500

Managed to figure out the issue. The from contact was wrong: we had used pjsip:323323@voip.in, which should be sip:323323@voip.in.

Thanks for your valuable time.


By: Rusty Newton (rnewton) 2016-10-20 20:41:47.295-0500

Where did you set the from contact? Can you provide your pjsip.conf and Asterisk dialplan, along with a log so that we can reproduce the issue?



By: Vinod Dharashive (vdharashive) 2016-10-21 04:52:25.163-0500

Using asterisk-java:
{noformat}
String aParty = entity.getAparty();
String name = entity.getName();
String message = "Missed call at " + entity.getTime();
logger.logDebug("Message is " + message);
MessageSendAction sipSendMessage = new MessageSendAction();
// 'from' is built with the "pjsip:" scheme; this is the invalid URI
// that triggered the crash reported in this issue.
String from = "\"" + name + "\" <pjsip:" + aParty + "@voip.in>";
sipSendMessage.setFrom(from);
// 'to' takes the "pjsip:" technology prefix, not a SIP URI.
String to = "pjsip:" + newlyRegisteredParty;
sipSendMessage.setTo(to);
sipSendMessage.setActionId(UUID.randomUUID().toString());
sipSendMessage.setBase64body(new String(Base64.encodeBase64(message.getBytes("UTF-8")), "UTF-8"));
final int entityId = entity.getId();
logger.logDebug("Sending Message from: " + from + " to: " + to);
amiConnector.sendAction(sipSendMessage, new SendActionCallback() {
    @Override
    public void onResponse(ManagerResponse response) {
        String responseMsg = response.getMessage();
        logger.logDebug("Message Sending Response Message: " + responseMsg);
        // Remove the missed-call entry only once the send is reported successful.
        if (responseMsg.contains("successfully")) {
            FCDBUtils.removeMissedCallEntry(entityId);
        }
    }
});
{noformat}

By: Rusty Newton (rnewton) 2016-11-01 15:59:35.898-0500

Attaching a better backtrace from my reproduction. I'll replace the excerpt in description with it as well.

By: Rusty Newton (rnewton) 2016-11-01 16:04:33.935-0500

We need to edit the help text (https://wiki.asterisk.org/wiki/display/AST/Asterisk+14+Application_MessageSend) in the source to be more explicit and include an example of usage.

The confusion comes between the "pjsip:" prefix for the to argument looking like the "sip:" prefix on the beginning of a SIP URI. The second argument uses a full URI and the first argument does not.

By: Friendly Automation (friendly-automation) 2017-03-22 12:37:54.922-0500

Change 5268 merged by zuul:
res_pjsip_messaging: Check URI type before dereferencing

[https://gerrit.asterisk.org/5268|https://gerrit.asterisk.org/5268]

By: Friendly Automation (friendly-automation) 2017-03-22 12:37:58.017-0500

Change 5267 merged by zuul:
res_pjsip_messaging: Check URI type before dereferencing

[https://gerrit.asterisk.org/5267|https://gerrit.asterisk.org/5267]

By: Friendly Automation (friendly-automation) 2017-03-22 12:38:01.387-0500

Change 5266 merged by zuul:
res_pjsip_messaging: Check URI type before dereferencing

[https://gerrit.asterisk.org/5266|https://gerrit.asterisk.org/5266]
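
The pattern named in the merged change title, "Check URI type before dereferencing", as an added example that is not the Asterisk or pjproject code. It assumes a simplified model in which the parser accepts any scheme and returns a tagged URI; `parse_uri`, `update_from`, `struct parsed_uri` and `struct sip_part` are hypothetical names and types used only for illustration.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Simplified model, not pjproject's real types: the parser accepts any
 * scheme and returns a tagged URI; u.sip is valid for SIP/SIPS only. */
enum uri_kind { URI_SIP, URI_SIPS, URI_OTHER };
struct sip_part { char user[64], host[64]; };
struct parsed_uri {
    enum uri_kind kind;
    union { struct sip_part sip; char other[128]; } u;
};

/* Parse `scheme:rest`, optionally wrapped as `"Name" <scheme:rest>`. */
int parse_uri(const char *s, struct parsed_uri *out)
{
    char buf[192], *p, *rest, *at;
    const char *lt = strchr(s, '<'), *start = lt ? lt + 1 : s;
    size_t len = strcspn(start, ">");
    if (len == 0 || len >= sizeof(buf)) return -1;
    snprintf(buf, sizeof(buf), "%.*s", (int)len, start);
    if (!(rest = strchr(buf, ':')) || rest == buf) return -1;
    *rest++ = '\0';                          /* buf now holds the scheme */
    for (p = buf; *p; p++) *p = (char)tolower((unsigned char)*p);
    memset(out, 0, sizeof(*out));
    if (strcmp(buf, "sip") != 0 && strcmp(buf, "sips") != 0) {
        out->kind = URI_OTHER;               /* e.g. "pjsip:" or "tel:" */
        snprintf(out->u.other, sizeof(out->u.other), "%s", rest);
        return 0;
    }
    if (!(at = strchr(rest, '@')) || at == rest || !at[1]) return -1;
    *at++ = '\0';
    if (strlen(rest) > 63 || strlen(at) > 63) return -1;
    out->kind = buf[3] ? URI_SIPS : URI_SIP;
    strcpy(out->u.sip.user, rest);
    strcpy(out->u.sip.host, at);
    return 0;
}

/* 0 on success, -1 if unparsable, -2 if parsed but not a SIP/SIPS URI.
 * Without the kind check, u.sip would reinterpret the bytes of u.other. */
int update_from(struct sip_part *hdr, const char *from)
{
    struct parsed_uri uri;
    if (parse_uri(from, &uri) != 0) return -1;
    if (uri.kind != URI_SIP && uri.kind != URI_SIPS) return -2;
    *hdr = uri.u.sip;
    return 0;
}
```

With the dialplan's `"ALICE" <pjsip:ALICE@10.24.18.16>` value, `update_from` returns -2 and leaves the header untouched; the same value with `sip:` returns 0.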