[sr-dev] [tracker] Task opened: crash in dns_cache.c when using natping

sip-router bugtracker at sip-router.org
Fri Nov 7 09:06:57 CET 2014 

THIS IS AN AUTOMATED MESSAGE, DO NOT REPLY.

A new Flyspray task has been opened.  Details are below. 

User who did this - Jason Penton (jaybeepee) 

Attached to Project - sip-router
Summary - crash in dns_cache.c when using natping
Task Type - Bug Report
Category - dns / dns cache
Status - New
Assigned To - 
Operating System - All
Severity - Medium
Priority - Normal
Reported Version - Development
Due in Version - Undecided
Due Date - Undecided
Details - Crash in dns_cache.c

#0  0x0000000000464543 in dns_naptr_sip_resolvehost (name=0x7fff7ea6ce40, port=0x0, proto=0x0) at dns_cache.c:2811
#1  0x0000000000464d45 in dns_sip_resolvehost (name=0x7fff7ea6ce40, port=0x0, proto=0x0) at dns_cache.c:2876
#2  0x00007f35b2f9bb89 in send_keepalive (contact=0x7f35736e0c08) at nat_traversal.c:1557
#3  0x00007f35b2f9bcd1 in keepalive_timer (ticks=62930527, data=0x0) at nat_traversal.c:1591
#4  0x0000000000603b62 in fork_basic_timer (child_id=-1, desc=0x7f35b2fa6dc5 "TIMER NT", make_sock=1, f=0x7f35b2f9bc18 <keepalive_timer>, param=0x0, interval=1) at timer_proc.c:90
#5  0x00007f35b2f9fa79 in child_init (rank=0) at nat_traversal.c:1820
#6  0x000000000059674d in init_mod_child (m=0x7f35b9a0bf50, rank=0) at sr_module.c:921
#7  0x0000000000596a61 in init_child (rank=0) at sr_module.c:947
#8  0x00000000004a85da in main_loop () at main.c:1709
#9  0x00000000004ad5f9 in main (argc=7, argv=0x7fff7ea6f3a8) at main.c:2568

This crash will happen everytime with the call from nathelper:
( hostent = sip_resolvehost(&nat_ip, NULL, NULL);

the 3rd argument is the proto parameter in the target function which is dereferenced without a check in dns_cache.c:
origproto=*proto;

I am not sure what the fix will be (either assume proto is UDP if NULL) or nathelper must be specific when calling sip_resolvehost...

More information can be found at the following URL:
http://sip-router.org/tracker/index.php?do=details&task_id=491

You are receiving this message because you have requested it from the Flyspray bugtracking system.  If you did not expect this message or don't want to receive mails in future, you can change your notification settings at the URL shown above.

More information about the sr-dev mailing list