<p>Say you have a kamailio config file with variables ordered as A(int),B(int),C(string),D(int) – (all belonging to the same group).<br>
Kamailio first creates a linked list of these variables in a given group and calculates the group size as follows <a href="https://github.com/kamailio/kamailio/blob/master/src/core/cfg/cfg_script.c#L34">actual code</a>):</p>
<pre><code>Pseudo-code
---------------------------------------------------------------------------------------------
group->size = 0
group->vars = null // the pointer to the head of the linked list of variables
create_group_linked_list:
for variable in group:
if variable is integer:
round up group_size to the nearest 4 byte multiple
group_size += sizeof(int)
if variable is string:
round up group_size to the nearest 8 byte multiple
group_size += sizeof(str) //str is a kamailio type (size 16 in our C++ compiler)
if group->vars is null:
group->vars = variable
else
variables->next = group->vars
group->vars = variable
---------------------------------------------------------------------------------------------
Linked list creation
NULL
group->size 0
A(int)
group->size 4
B(int) -> A
group->size 8
C(string) -> B -> A
group->size 24
D(int) -> C -> B -> A
group->size 28
</code></pre>
<p>However, this linked list is not used as is. it is copied to a single shared memory block for all child processes.<br>
This is done in the <a href="https://github.com/kamailio/kamailio/blob/master/src/core/cfg/cfg_struct.c#L180">cfg_shmize()</a> which further calls <a href="https://github.com/kamailio/kamailio/blob/master/src/core/cfg/cfg_script.c#L222">cfg_script_fixup()</a><br>
Basically, the function goes through the linked list of variables created above and calculates the offset of each variable in the memory block assuming that the offset of the first variable is 0.<br>
Following is the pseudo-code of what cfg_script_fixup() does for the linked list and offset calculation:</p>
<pre><code>Pseudo-code
--------------------------------------------------------------------------------------------
offset = 0
node = group->vars:
while node != null:
if node's value is int:
round up offset to nearest multiple of 4
node->offset = offset
offset += sizeof(int)
if node's value is str:
round up offset to nearest multiple of 8
node->offset = offset
offset += sizeof(str)
node = node -> next
--------------------------------------------------------------------------------------------
linked list (from above):
D(int) -> C(string) -> B(int) -> A(int)
offset=0
D
D->offset = 0
offset = 4
C
C->offset = 8
offset = 24
B
B->offset = 24
offset = 28
A
A->offset = 28
offset = 32 (which would be the actual group size)
</code></pre>
<p>So, as visible, <em><strong>the order in which the linked list is being processed is causing issues</strong></em> (from A to D in one case and from D to A in the next case).<br>
while the group size calculation code block leads to a group size of 28, the group size according to the second code block would be 32 and the offset of the last variable would we 28. This would lead to the last variable (all 4 bytes) getting corrupted.</p>
<p>My temporary solution is to recalculate the group size every time a variable is added in the first code block by re-traversing the linked list but is definitely not the ideal solution.</p>
<p style="font-size:small;-webkit-text-size-adjust:none;color:#666;">—<br />You are receiving this because you are subscribed to this thread.<br />Reply to this email directly, <a href="https://github.com/kamailio/kamailio/issues/1583#issuecomment-430393708">view it on GitHub</a>, or <a href="https://github.com/notifications/unsubscribe-auth/AF36ZS-EE8fW7z6m9rKgQXCkyF088VHQks5ulkU-gaJpZM4VDDlj">mute the thread</a>.<img src="https://github.com/notifications/beacon/AF36Zd9L1uMaJ5UF5IsTCVPT2CM9_5gfks5ulkU-gaJpZM4VDDlj.gif" height="1" width="1" alt="" /></p>
<script type="application/json" data-scope="inboxmarkup">{"api_version":"1.0","publisher":{"api_key":"05dde50f1d1a384dd78767c55493e4bb","name":"GitHub"},"entity":{"external_key":"github/kamailio/kamailio","title":"kamailio/kamailio","subtitle":"GitHub repository","main_image_url":"https://assets-cdn.github.com/images/email/message_cards/header.png","avatar_image_url":"https://assets-cdn.github.com/images/email/message_cards/avatar.png","action":{"name":"Open in GitHub","url":"https://github.com/kamailio/kamailio"}},"updates":{"snippets":[{"icon":"PERSON","message":"@vinesinha in #1583: Say you have a kamailio config file with variables ordered as A(int),B(int),C(string),D(int) – (all belonging to the same group).\r\nKamailio first creates a linked list of these variables in a given group and calculates the group size as follows [actual code](https://github.com/kamailio/kamailio/blob/master/src/core/cfg/cfg_script.c#L34)):\r\n\r\n```\r\nPseudo-code\r\n---------------------------------------------------------------------------------------------\r\ngroup-\u003esize = 0\r\ngroup-\u003evars = null // the pointer to the head of the linked list of variables\r\ncreate_group_linked_list:\r\n for variable in group:\r\n if variable is integer:\r\n round up group_size to the nearest 4 byte multiple\r\n group_size += sizeof(int)\r\n if variable is string:\r\n round up group_size to the nearest 8 byte multiple\r\n group_size += sizeof(str) //str is a kamailio type (size 16 in our C++ compiler)\r\n if group-\u003evars is null:\r\n group-\u003evars = variable\r\n else\r\n variables-\u003enext = group-\u003evars\r\n group-\u003evars = variable\r\n---------------------------------------------------------------------------------------------\r\nLinked list creation\r\n \r\n \r\nNULL\r\ngroup-\u003esize 0\r\n \r\n \r\nA(int)\r\ngroup-\u003esize 4\r\n \r\n \r\nB(int) -\u003e A\r\ngroup-\u003esize 8\r\n \r\n \r\nC(string) -\u003e B -\u003e A\r\ngroup-\u003esize 24\r\n \r\n \r\nD(int) -\u003e C -\u003e B -\u003e A\r\ngroup-\u003esize 28\r\n```\r\nHowever, this linked list is not used as is. it is copied to a single shared memory block for all child processes.\r\nThis is done in the [cfg_shmize()](https://github.com/kamailio/kamailio/blob/master/src/core/cfg/cfg_struct.c#L180) which further calls [cfg_script_fixup()](https://github.com/kamailio/kamailio/blob/master/src/core/cfg/cfg_script.c#L222)\r\nBasically, the function goes through the linked list of variables created above and calculates the offset of each variable in the memory block assuming that the offset of the first variable is 0.\r\nFollowing is the pseudo-code of what cfg_script_fixup() does for the linked list and offset calculation:\r\n\r\n```\r\nPseudo-code\r\n--------------------------------------------------------------------------------------------\r\noffset = 0\r\nnode = group-\u003evars:\r\nwhile node != null:\r\n if node's value is int:\r\n round up offset to nearest multiple of 4\r\n node-\u003eoffset = offset\r\n offset += sizeof(int)\r\n if node's value is str:\r\n round up offset to nearest multiple of 8\r\n node-\u003eoffset = offset\r\n offset += sizeof(str)\r\n node = node -\u003e next\r\n--------------------------------------------------------------------------------------------\r\n \r\n \r\nlinked list (from above):\r\nD(int) -\u003e C(string) -\u003e B(int) -\u003e A(int)\r\n \r\n \r\noffset=0\r\n \r\nD\r\nD-\u003eoffset = 0\r\noffset = 4\r\n \r\nC\r\nC-\u003eoffset = 8\r\noffset = 24\r\n \r\nB\r\nB-\u003eoffset = 24\r\noffset = 28\r\nA\r\nA-\u003eoffset = 28\r\noffset = 32 (which would be the actual group size)\r\n```\r\n\r\nSo, as visible, ***the order in which the linked list is being processed is causing issues*** (from A to D in one case and from D to A in the next case). \r\nwhile the group size calculation code block leads to a group size of 28, the group size according to the second code block would be 32 and the offset of the last variable would we 28. This would lead to the last variable (all 4 bytes) getting corrupted.\r\n\r\nMy temporary solution is to recalculate the group size every time a variable is added in the first code block by re-traversing the linked list but is definitely not the ideal solution. "}],"action":{"name":"View Issue","url":"https://github.com/kamailio/kamailio/issues/1583#issuecomment-430393708"}}}</script>
<script type="application/ld+json">[
{
"@context": "http://schema.org",
"@type": "EmailMessage",
"potentialAction": {
"@type": "ViewAction",
"target": "https://github.com/kamailio/kamailio/issues/1583#issuecomment-430393708",
"url": "https://github.com/kamailio/kamailio/issues/1583#issuecomment-430393708",
"name": "View Issue"
},
"description": "View this Issue on GitHub",
"publisher": {
"@type": "Organization",
"name": "GitHub",
"url": "https://github.com"
}
},
{
"@type": "MessageCard",
"@context": "http://schema.org/extensions",
"hideOriginalBody": "false",
"originator": "AF6C5A86-E920-430C-9C59-A73278B5EFEB",
"title": "Re: [kamailio/kamailio] cfg_rpc updates changing variable values to large random numbers (#1583)",
"sections": [
{
"text": "",
"activityTitle": "**vinesinha**",
"activityImage": "https://assets-cdn.github.com/images/email/message_cards/avatar.png",
"activitySubtitle": "@vinesinha",
"facts": [
]
}
],
"potentialAction": [
{
"name": "Add a comment",
"@type": "ActionCard",
"inputs": [
{
"isMultiLine": true,
"@type": "TextInput",
"id": "IssueComment",
"isRequired": false
}
],
"actions": [
{
"name": "Comment",
"@type": "HttpPOST",
"target": "https://api.github.com",
"body": "{\n\"commandName\": \"IssueComment\",\n\"repositoryFullName\": \"kamailio/kamailio\",\n\"issueId\": 1583,\n\"IssueComment\": \"{{IssueComment.value}}\"\n}"
}
]
},
{
"targets": [
{
"os": "default",
"uri": "https://github.com/kamailio/kamailio/issues/1583#issuecomment-430393708"
}
],
"@type": "OpenUri",
"name": "View on GitHub"
},
{
"name": "Unsubscribe",
"@type": "HttpPOST",
"target": "https://api.github.com",
"body": "{\n\"commandName\": \"MuteNotification\",\n\"threadId\": 353122659\n}"
}
],
"themeColor": "26292E"
}
]</script>