ASTERISK-28534: Segmentation fault when there is no priority for an extension

[Home]

Summary: ASTERISK-28534: Segmentation fault when there is no priority for an extension

Reporter: Timothy Vanderaerden (timothyvda) Labels:

Date Opened: 2019-09-12 10:18:34 Date Closed: 2019-09-27 08:32:43

Priority: Minor Regression?

Status: Closed/Complete Components: PBX/pbx_config

Versions: 16.5.0 Frequency of
Occurrence Constant

Related
Issues:

Environment: CentOS Linux release 7.6.1810 Kernel: 3.10.0-957.27.2.el7.x86_64 Attachments:

Description: When there is no priority given for an extension Asterisk will crash with a Segmentation fault. The config below will cause this behavior.

{code}
exten => _30[X+]XXXXXXXX!,
{code}

This is of course bad configuration but it shouldn't cause a crash.

Below you will find gdb backtrace.

{code:title=gdb}
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/usr/lib64/libthread_db.so.1".
Core was generated by `asterisk -U asterisk -g -c'.
Program terminated with signal 11, Segmentation fault.
#0 __strlen_sse42 () at ../sysdeps/x86_64/multiarch/strlen-sse4.S:31
31 pcmpeqb (%rdi), %xmm1
{code}

And the relevant Asterisk coredump.

{code:title=core-brief.txt}
Thread 1 (Thread 0x7f759588b900 (LWP 1380)):
#0 0x00007f75925df10f in __strlen_sse42 () at ../sysdeps/x86_64/multiarch/strlen-sse4.S:31
#1 0x00000000005c606b in realtime_arguments_to_fields2 (file=0x646299 "config.c", lineno=3220, func=0x6724f0 <__PRETTY_FUNCTION__.18004> "realtime_arguments_to_fields2", filename=0x628614 "", value=0x0, name=0x7$
#2 0x00000000005c606b in realtime_arguments_to_fields2 (ap=ap@entry=0x7ffec6949158, result=result@entry=0x7ffec6949140, skip=-1) at config.c:3220
#3 0x00000000005cda43 in ast_load_realtime (family=family@entry=0x7f7548b072ab "extensions") at config.c:3318
#4 0x00007f7548b05e2a in realtime_switch_common (table=table@entry=0x7f7548b072ab "extensions", context=context@entry=0x0, exten=exten@entry=0x7ffec694a9e0 "_30[X+]XXXXXXXX!", priority=priority@entry=0, mode=mod$
#5 0x00007f7548b06923 in realtime_common (context=<optimized out>, exten=0x7ffec694a9e0 "_30[X+]XXXXXXXX!", priority=0, data=<optimized out>, mode=<optimized out>) at pbx_realtime.c:261
#6 0x00007f7548b06b17 in realtime_exists (chan=<optimized out>, context=<optimized out>, exten=<optimized out>, priority=<optimized out>, callerid=<optimized out>, data=<optimized out>) at pbx_realtime.c:291
#7 0x000000000051c704 in pbx_find_extension (chan=chan@entry=0x0, bypass=bypass@entry=0x3aabc30, q=q@entry=0x7ffec69497f0, context=context@entry=0x0, exten=exten@entry=0x7ffec694a9e0 "_30[X+]XXXXXXXX!", priority$
#8 0x0000000000527475 in pbx_extension_helper (c=c@entry=0x0, con=con@entry=0x3aabc30, exten=exten@entry=0x7ffec694a9e0 "_30[X+]XXXXXXXX!", label=label@entry=0x7f753093bd43 "", callerid=callerid@entry=0x0, combi$
#9 0x0000000000527685 in ast_findlabel_extension2 (c=c@entry=0x0, con=con@entry=0x3aabc30, exten=exten@entry=0x7ffec694a9e0 "_30[X+]XXXXXXXX!", label=label@entry=0x7f753093bd43 "", callerid=callerid@entry=0x0) a$
#10 0x00007f7530937936 in pbx_load_config (config_file=0x7f753093dd70 <config> "extensions.conf") at pbx_config.c:1823
#11 0x00007f7530939fbe in pbx_load_module () at pbx_config.c:2101
#12 0x00007f753093bb2b in load_module () at pbx_config.c:2130
#13 0x00000000004f9ed5 in start_resource (mod=mod@entry=0x34f9e70) at loader.c:1711
#14 0x00000000004fa6de in start_resource_attempt (mod=0x34f9e70) at loader.c:1685
#15 0x00000000004fa6de in start_resource_attempt (mod=0x34f9e70, count=0x7ffec694cdb0) at loader.c:1887
#16 0x00000000004fd563 in load_modules (mod_count=0x7ffec694cdb0, resources=0x7ffec694cde0) at loader.c:1984
#17 0x00000000004fd563 in load_modules (mod_count=<synthetic pointer>, load_order=0x7ffec694cdd0) at loader.c:2166
#18 0x00000000004fd563 in load_modules () at loader.c:2379
#19 0x0000000000438405 in main (isroot=<optimized out>, rungroup=<optimized out>, runuser=<optimized out>) at asterisk.c:4148
#20 0x0000000000438405 in main (argc=<optimized out>, argv=<optimized out>) at asterisk.c:3919
{code}

I wasn't sure if I should include the full Asterisk coredump or if this is enough. Let me know if you need more.

Comments: By: Asterisk Team (asteriskteam) 2019-09-12 10:18:35.393-0500

Thanks for creating a report! The issue has entered the triage process. That means the issue will wait in this status until a Bug Marshal has an opportunity to review the issue. Once the issue has been reviewed you will receive comments regarding the next steps towards resolution.

A good first step is for you to review the [Asterisk Issue Guidelines|https://wiki.asterisk.org/wiki/display/AST/Asterisk+Issue+Guidelines] if you haven't already. The guidelines detail what is expected from an Asterisk issue report.

Then, if you are submitting a patch, please review the [Patch Contribution Process|https://wiki.asterisk.org/wiki/display/AST/Patch+Contribution+Process].

Please note that once your issue enters an open state it has been accepted. As Asterisk is an open source project there is no guarantee or timeframe on when your issue will be looked into. If you need expedient resolution you will need to find and pay a suitable developer. Asking for an update on your issue will not yield any progress on it and will not result in a response. All updates are posted to the issue when they occur.
By: Kevin Harwell (kharwell) 2019-09-12 18:15:47.882-0500

Is this a realtime configuration as it looks like it's calling into it? If so what's the table definition (was the alembic definition used?) and how did the data get inserted?

If not, I've tried putting that in _extensions.conf_ and it did not crash. I did receive the following messages at startup:
{noformat}
[2019-09-12 18:07:22] NOTICE[32679]: pbx.c:2967 pbx_extension_helper: Cannot find extension '_30[X+]XXXXXXXX!' in context ''
[2019-09-12 18:07:22] WARNING[32679]: pbx_config.c:1824 pbx_load_config: Invalid priority/label '' at line 5 of extensions.conf
{noformat}
By: Timothy Vanderaerden (timothyvda) 2019-09-13 01:26:28.096-0500

Realtime is configured but the extension is defined in the configuration file. However the the context contains a switch statement to use realtime. I did some testing and the crash only occurs when the extension is defined after the switch statement.

This will cause the crash.
{code}
[example]
switch => Realtime/example
exten => _30[X+]XXXXXXXX!,
{code}

This will *not* cause a crash.
{code}
[example]
exten => _30[X+]XXXXXXXX!,
switch => Realtime/example
{code}

By: Kevin Harwell (kharwell) 2019-09-13 10:10:56.502-0500

Thanks was finally able to replicate.

I also had to preload pbx_realtime or simply do a dialplan reload from the CLI after loading.
By: Friendly Automation (friendly-automation) 2019-09-27 08:32:44.256-0500

Change 12967 merged by Friendly Automation:
pbx: Prevent Realtime switch crash on invalid priority

[https://gerrit.asterisk.org/c/asterisk/+/12967|https://gerrit.asterisk.org/c/asterisk/+/12967]
By: Friendly Automation (friendly-automation) 2019-09-27 08:35:18.092-0500

Change 12964 merged by Friendly Automation:
pbx: Prevent Realtime switch crash on invalid priority

[https://gerrit.asterisk.org/c/asterisk/+/12964|https://gerrit.asterisk.org/c/asterisk/+/12964]
By: Friendly Automation (friendly-automation) 2019-09-27 09:01:19.152-0500

Change 12966 merged by George Joseph:
pbx: Prevent Realtime switch crash on invalid priority

[https://gerrit.asterisk.org/c/asterisk/+/12966|https://gerrit.asterisk.org/c/asterisk/+/12966]
By: Friendly Automation (friendly-automation) 2019-09-27 09:01:40.281-0500

Change 12965 merged by George Joseph:
pbx: Prevent Realtime switch crash on invalid priority

[https://gerrit.asterisk.org/c/asterisk/+/12965|https://gerrit.asterisk.org/c/asterisk/+/12965]