[Kamailio-Devel] Serious regressions in 1.5.0 dialog module - or just me?

[Henning Westerholt]

On Tuesday 07 April 2009, Alex Balashov wrote:
> [..]
> Two fundamental problems:
>
> 1) get_profile_size() on profiles with no "values" (i.e. inside the
> enumerated "profiles_no_value" modparam) crashes.
>
> This problem also exists on 1.4.4.  I have not tried other 1.4.x releases.
> [..]

Hi Alex,

at first i thought that this problem could be caused from the recent changed 
in the pv code that was done in preparations for the sr merge. But if this 
also happens in the 1.4.4 version, this is not possible.

> According to the GDB backtrace, the crash occurs at
> modules/dialog/dialog.c:701:
>
>          if(sp_dest->setf(msg, &sp_dest->pvp, (int)EQ_T, &val)<0)
>          {
>                  LM_ERR("setting profile PV failed\n");
>                  return -1;
>          }
>
> The cause is that sp_dest is NULL here.  I have determined that the
> value of 'result' in w_get_profile_size() as passed into this prototype:
>
>    static int w_get_profile_size(struct sip_msg *msg, char *profile,
> char *value, char *result)
>
> is NULL.

Are you sure that really result is NULL here? I'm not an expert in this dialog 
code, but i'd think that "value" should be null in profile without value. 
This is also the condition that is checked here:

pve = (pv_elem_t *)value;
if ( pve!=NULL && ((struct dlg_profile_table*)profile)->has_value) {...}

> I would conclude from this - not being a developer - that the root cause
> is that the config file/route script lexer does not properly distinguish
> between the value-less and with-value argument combination of
> get_profile_size() that can occur.

Yes, could be possible that the fixup function is not correct here.

> A workaround is possible by setting my 'global' profile to be "with
> values" as well and using a bogus value key like "1" that is always the
> same.  However, I do not think this should be happening.

Cheers,

Henning