[Home]

Summary:ASTERISK-26579: codec_opus: Recursiveness when parsing fmtp line
Reporter:Jørgen H (jorgen)Labels:
Date Opened:2016-11-11 04:23:57.000-0600Date Closed:2016-12-08 11:07:01.000-0600
Priority:MajorRegression?
Status:Closed/CompleteComponents:Resources/res_format_attr_opus
Versions:14.1.2 Frequency of
Occurrence
Constant
Related
Issues:
Environment:linux x64Attachments:( 0) res_format_attr_opus.diff
( 1) res_format_attr_opus.diff
( 2) res_format_attr_opus.diff
Description:recursive stack overflow
{noformat}
sdp_fmtp_get (attributes=<optimized out>, name=0x7ff5071de32c "ptime", attr=0x7ff4fc0548f8) at res_format_attr_opus.c:120
#6450 0x00007ff5071dc957 in sdp_fmtp_get (attr=<optimized out>, name=<optimized out>, attributes=<optimized out>) at res_format_attr_opus.c:120
{noformat}
sdp is
{noformat}
v=0
o=- 975991180 975991180 IN IP4 xxx
s=Asterisk
c=IN IP4 xxx
t=0 0
m=audio 25524 RTP/AVP 107 8 0 4 9 101
a=rtpmap:107 opus/48000/2
a=rtpmap:8 PCMA/8000
a=rtpmap:0 PCMU/8000
a=rtpmap:4 G723/8000
a=rtpmap:9 G722/8000
a=rtpmap:101 telephone-event/8000
a=fmtp:101 0-16
a=ptime:20
a=maxptime:20
{noformat}
Comments:By: Asterisk Team (asteriskteam) 2016-11-11 04:23:58.718-0600

Thanks for creating a report! The issue has entered the triage process. That means the issue will wait in this status until a Bug Marshal has an opportunity to review the issue. Once the issue has been reviewed you will receive comments regarding the next steps towards resolution.

A good first step is for you to review the [Asterisk Issue Guidelines|https://wiki.asterisk.org/wiki/display/AST/Asterisk+Issue+Guidelines] if you haven't already. The guidelines detail what is expected from an Asterisk issue report.

Then, if you are submitting a patch, please review the [Patch Contribution Process|https://wiki.asterisk.org/wiki/display/AST/Patch+Contribution+Process].

By: Jørgen H (jorgen) 2016-11-11 05:41:55.755-0600

I'm not very into asterisk code, but this code is probably fix:

[Edit by Rusty - inline patch removed as per guidelines]

By: Rusty Newton (rnewton) 2016-11-11 08:55:27.081-0600

Thanks for the report! Unfortunately we cannot accept inline patches due to legal reasons.

If you'd like to submit a patch, please sign a license agreement and attach the patch to the issue using (More > Attach Files) and mark it as a contribution so that it will be associated with your license.



By: Jørgen H (jorgen) 2016-11-12 14:51:21.531-0600

suggestion to fix

By: Rusty Newton (rnewton) 2016-11-13 08:22:51.141-0600

Once your license is accepted, you'll need to reattach the patch and mark it as contribution for it to be visible. Otherwise it won't show up.

You likely tried to attach it too early, as I see in the history where you attached it, but it is not visible on the issue.

By: Joshua C. Colp (jcolp) 2016-11-14 09:18:58.438-0600

I'm currently investigating this issue and have been unable to reproduce it using the information provided. I've tried both incoming and outgoing calls on chan_pjsip and chan_sip.

Can you provide the complete console output, SIP trace, and scenario information?

By: Jørgen H (jorgen) 2016-11-14 09:51:55.178-0600

I seem to have included the sdp request in the bug, not the response that actually caused the segfault (but it is pretty similar). Here it is:

v=0
o=FreeSWITCH 1479107831 1479107832 IN IP4 xxxx
s=FreeSWITCH
c=IN IP4 xxxxx
t=0 0
m=audio 30666 RTP/AVP 107 101
a=rtpmap:107 opus/48000/2
a=fmtp:107 useinbandfec=0; cbr=1; minptime=10; maxptime=40
a=rtpmap:101 telephone-event/8000
a=fmtp:101 0-16
a=ptime:20


By: Joshua C. Colp (jcolp) 2016-11-14 10:26:55.377-0600

That is the data needed, thanks!

By: Joshua C. Colp (jcolp) 2016-11-15 07:36:59.854-0600

If you've signed the license agreement would you like to reattach the change so it can be used?

By: Jørgen H (jorgen) 2016-11-15 11:24:08.844-0600

suggestion to fix

By: Joshua C. Colp (jcolp) 2016-11-15 11:25:25.113-0600

Thanks! I ended up with something similar, but different.

By: Jørgen H (jorgen) 2016-11-15 11:27:44.447-0600

I dont think the website works uploading files using standard company security settings.
The file is located here:

https://mail.jcloud.no/file_link?id=210&password=142531406075991303680x7fdb5ea4b2f01479230744870340695447734843

JS errors when posting:
[Error] QuotaExceededError: DOM Exception 22: An attempt was made to add something to storage that exceeded the quota.
aspect
toggle
dispatch
i
[Error] QuotaExceededError: DOM Exception 22: An attempt was made to add something to storage that exceeded the quota.
setItem
setItem
setIssueUpdatedMsg
storeCurrentIssueIdOnSucessfulSubmit
_handleSubmitResponse
complete
completeHandler
j
fireWith
c
b

By: Jørgen H (jorgen) 2016-11-15 11:28:53.714-0600

Great. Ok nevermind. I'm just new to Jira :)

By: Friendly Automation (friendly-automation) 2016-12-08 11:07:02.350-0600

Change 4580 merged by Kevin Harwell:
res_format_attr_opus: Fix crash when fmtp contains spaces.

[https://gerrit.asterisk.org/4580|https://gerrit.asterisk.org/4580]

By: Friendly Automation (friendly-automation) 2016-12-08 11:07:13.905-0600

Change 4579 merged by Kevin Harwell:
res_format_attr_opus: Fix crash when fmtp contains spaces.

[https://gerrit.asterisk.org/4579|https://gerrit.asterisk.org/4579]

By: Friendly Automation (friendly-automation) 2016-12-08 11:07:22.703-0600

Change 4589 merged by Kevin Harwell:
res_format_attr_opus: Fix crash when fmtp contains spaces.

[https://gerrit.asterisk.org/4589|https://gerrit.asterisk.org/4589]

By: Friendly Automation (friendly-automation) 2016-12-08 11:07:48.018-0600

Change 4578 merged by Kevin Harwell:
res_format_attr_opus: Fix crash when fmtp contains spaces.

[https://gerrit.asterisk.org/4578|https://gerrit.asterisk.org/4578]

By: Friendly Automation (friendly-automation) 2016-12-08 11:08:02.900-0600

Change 4588 merged by Kevin Harwell:
res_format_attr_opus: Fix crash when fmtp contains spaces.

[https://gerrit.asterisk.org/4588|https://gerrit.asterisk.org/4588]

By: Friendly Automation (friendly-automation) 2016-12-08 11:08:11.403-0600

Change 4581 merged by Kevin Harwell:
res_format_attr_opus: Fix crash when fmtp contains spaces.

[https://gerrit.asterisk.org/4581|https://gerrit.asterisk.org/4581]

By: Friendly Automation (friendly-automation) 2016-12-08 11:08:24.663-0600

Change 4577 merged by Kevin Harwell:
codecs/opus/fmtp_with_spaces: Add test for fmtp parsing with spaces.

[https://gerrit.asterisk.org/4577|https://gerrit.asterisk.org/4577]