THIS IS AN AUTOMATED MESSAGE, DO NOT REPLY.
The following task has a new comment added:
FS#477 - xavp_insert can corrupt linked list pointers
User who did this - Daniel-Constantin Mierla (miconda)
----------
Thanks for digging into it and providing a patch -- I couldn't spot anything wrong, you can go ahead and commit.
----------
More information can be found at the following URL:
http://sip-router.org/tracker/index.php?do=details&task_id=477#comment1659
You are receiving this message because you have requested it from the Flyspray bugtracking system. If you did not expect this message or don't want to receive mails in future, you can change your notification settings at the URL shown above.
THIS IS AN AUTOMATED MESSAGE, DO NOT REPLY.
The following task has a new comment added:
FS#477 - xavp_insert can corrupt linked list pointers
User who did this - Hugh Waite (hugh.waite)
----------
I've attached a patch against master that (I believe) fixes the problem.
Inserting at a given index will insert the correct number of NULL xavp entries. Inserting at an index where a NULL entry exists will replace the entry.
Any comments before I commit?
----------
One or more files have been attached.
More information can be found at the following URL:
http://sip-router.org/tracker/index.php?do=details&task_id=477#comment1658
You are receiving this message because you have requested it from the Flyspray bugtracking system. If you did not expect this message or don't want to receive mails in future, you can change your notification settings at the URL shown above.
THIS IS AN AUTOMATED MESSAGE, DO NOT REPLY.
A new Flyspray task has been opened. Details are below.
User who did this - Hugh Waite (hugh.waite)
Attached to Project - sip-router
Summary - xavp_insert can corrupt linked list pointers
Task Type - Bug Report
Category - Core
Status - New
Assigned To -
Operating System - All
Severity - High
Priority - Normal
Reported Version - Development
Due in Version - Undecided
Due Date - Undecided
Details - I have identified a bug in xavp_insert() in xavp.c which will corrupt the linked list pointers when inserting an entry to a given index. This can lead to infinate loops when searching the list.
The following code will reproduce the issue:
<code>
static struct mi_root* mi_test_xavp(struct mi_root* cmd_tree, void* param)
{
sr_xavp_t *xavp_list = NULL;
sr_xavp_t *axavp = NULL;
sr_xavp_t *bxavp = NULL;
sr_xval_t val;
str myname = str_init("hugh");
str othername = str_init("other");
int ival = 100;
val.type = SR_XTYPE_INT;
val.v.i = ival++;
xavp_add_xavp_value(&othername, &myname, &val, &axavp);
LM_ERR("### axavp is\n\n");
xavp_print_list(&axavp);
val.v.i = ival++;
xavp_add_xavp_value(&othername, &myname, &val, &bxavp);
LM_ERR("### bxavp is\n\n");
xavp_print_list(&bxavp);
xavp_insert(axavp, 1, &xavp_list);
LM_ERR("### After insert at pos 1\n");
xavp_print_list(&xavp_list);
/* This part is unreachable */
xavp_insert(bxavp, 0, &xavp_list);
LM_ERR("### After second insert at pos 0\n");
xavp_print_list(&xavp_list);
xavp_destroy_list(&xavp_list);
return (init_mi_tree( 200, MI_OK_S, MI_OK_LEN ));
}</code>
I'm looking at xavp_insert (xavp.c:694) to see how to fix this.
When inserting with a non-zero index, the code attempts to pad the list with SR_XTYPE_NULL entries, so that the new entry will be accessible at the given index. This should be easily fixable.
I expect that the function should attempt to overwrite an SR_XTYPE_NULL entry at the correct position E.g. if items are inserted in reverse order.
I'll post a fix as soon as I have one for your comments.
Hugh
More information can be found at the following URL:
http://sip-router.org/tracker/index.php?do=details&task_id=477
You are receiving this message because you have requested it from the Flyspray bugtracking system. If you did not expect this message or don't want to receive mails in future, you can change your notification settings at the URL shown above.
THIS IS AN AUTOMATED MESSAGE, DO NOT REPLY.
The following task has a new comment added:
FS#475 - Documentation Incorrect
User who did this - Walter Doekes (wdoekes)
----------
Perhaps this is of use:
https://github.com/wdoekes/opensips/commit/b519d6997e6faa654ff4a51384335900…
----------
More information can be found at the following URL:
http://sip-router.org/tracker/index.php?do=details&task_id=475#comment1657
You are receiving this message because you have requested it from the Flyspray bugtracking system. If you did not expect this message or don't want to receive mails in future, you can change your notification settings at the URL shown above.
THIS IS AN AUTOMATED MESSAGE, DO NOT REPLY.
The following task has a new comment added:
FS#476 - CRASH: segmentation fault on module db_cluster with postgres
User who did this - Nuno Miguel Reis (nmreis)
----------
Hi Daniel.
Thanks for the quick answer.
I can confirm that. No more crashes with trace_delayed set to 0 and I do agree with you that kamailio should avoid segfaulting because of this.
Thanks.
----------
More information can be found at the following URL:
https://sip-router.org/tracker/index.php?do=details&task_id=476#comment1656
You are receiving this message because you have requested it from the Flyspray bugtracking system. If you did not expect this message or don't want to receive mails in future, you can change your notification settings at the URL shown above.
THIS IS AN AUTOMATED MESSAGE, DO NOT REPLY.
The following task has a new comment added:
FS#476 - CRASH: segmentation fault on module db_cluster with postgres
User who did this - Daniel-Constantin Mierla (miconda)
----------
I assume you have:
modparam("siptrace", "trace_delayed", 1)
Postgress does not support that, use:
modparam("siptrace", "trace_delayed", 0)
I will look at db_cluster and see how to avoid the crash.
----------
More information can be found at the following URL:
http://sip-router.org/tracker/index.php?do=details&task_id=476#comment1655
You are receiving this message because you have requested it from the Flyspray bugtracking system. If you did not expect this message or don't want to receive mails in future, you can change your notification settings at the URL shown above.