Thanks for digging in further, the details proved to be important.

And I think I found the issue -- when the type was not provided, the pointer inside the xmlNode structure was used instead of using the function to return a clone of the content, in order to free it later via xmlrpc module garbage collector.

I couldn't test it -- if you can test the commit:

https://github.com/kamailio/kamailio/commit/6b23c27d8406780083a6b7bb774efa2a53aea540

and all works fine, then you can backport to stable branches.

Cheers,
Daniel

On 03/05/16 14:19, Juha Heinanen wrote:

in my sems xmlrpc test, i changed htable.reload command to
permissions.trustedReload (that does not have parameters) and have not
been able to produce a crash.

my conclusion is that xmlrpc string parameter value without
<string></string> is causing the crash (perhaps due to memory allocation
bug either in kamailio or in the xml lib that it is using).

-- juha

-- 
Daniel-Constantin Mierla
http://www.asipto.com
http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda
Kamailio World Conference, Berlin, May 18-20, 2016 - http://www.kamailioworld.com