[SR-Users] SIP Router 3.03 topoh

Daniel-Constantin Mierla miconda at gmail.com
Fri Feb 4 18:34:32 CET 2011 

Hello,

I did some more safety checks. Can you try it again and report if it is 
ok this time? I backported till version 3.0.x.

If you get some backtrace anytime is a crash, that will help a lot.

Thanks,
Daniel

On 2/4/11 5:48 PM, dotnetdub wrote:
>
>
> On 25 November 2010 17:38, marius zbihlei <marius.zbihlei at 1and1.ro 
> <mailto:marius.zbihlei at 1and1.ro>> wrote:
>
>     On 11/25/2010 07:32 PM, dotnetdub wrote:
>>
>>>
>
>     Are you able to test a patch if a provide one to you? I wanted to
>     wait for Daniel's opinion as I have no way of testing it. If you
>     have a dump of the attack traffic or you can generate more with
>     bad CSEQ (as from the message log you provided) you can test the
>     patch against your cfg and see if it still crashes(hope not). In
>     my opinion the crash should be deterministic. You will find the
>     trivial patch attached. If you can test it and it works I will
>     push it to upstream (also to 3.0 branch). Keep in mind that other
>     probles might appear as well during the processing of the SIP
>     messages. If a core does appear please retry the steps in the
>     previous mail with the new core and .so offset.
>
>     Apply the patch with the patch utility (copy to the modules/topoh
>     and run patch < patch) . I await some feedback :)
>
>     Marius
>
>
>
>
> Hi Marius,
>
> I did apply this patch and recompile. I checked the lib folder and 
> date of topoh changed to compile date.
>
> Another SIP attack and core dump again.
>
> This looks like different memory addresses though.
>
> proxy:/var/log# dmesg
> [1853341.778338] kamailio[20503]: segfault at 18 ip b7064220 sp 
> bf9c3370 error 4 in topoh.so[b7061000+d000]
> [1853341.921334] kamailio[20507]: segfault at 18 ip b7064220 sp 
> bf9c3370 error 4 in topoh.so[b7061000+d000]
> [1853341.991430] kamailio[20498]: segfault at 18 ip b7064220 sp 
> bf9c3370 error 4 in topoh.so[b7061000+d000]
> [1853342.057429] kamailio[20506]: segfault at 18 ip b7064220 sp 
> bf9c3370 error 4 in topoh.so[b7061000+d000]
> [1853342.139751] kamailio[20505]: segfault at 18 ip b7064220 sp 
> bf9c3370 error 4 in topoh.so[b7061000+d000]
> [1853342.149429] kamailio[20499]: segfault at 18 ip b7064220 sp 
> bf9c3370 error 4 in topoh.so[b7061000+d000]
> [1853342.156097] kamailio[20502]: segfault at 18 ip b7064220 sp 
> bf9c3370 error 4 in topoh.so[b7061000+d000]
> [1853342.160097] kamailio[20501]: segfault at 18 ip b7064220 sp 
> bf9c3370 error 4 in topoh.so[b7061000+d000]
> [1853342.163561] kamailio[20500]: segfault at 18 ip b7064220 sp 
> bf9c3370 error 4 in topoh.so[b7061000+d000]
> [1853342.168357] kamailio[20504]: segfault at 18 ip b7064220 sp 
> bf9c3370 error 4 in topoh.so[b7061000+d000]
>
>
>
> Feb  4 16:19:09 proxy1 sip[20503]: ERROR: <core> 
> [parser/parse_cseq.c:97]: ERROR: CSeq EoL expected
>
> Feb  4 16:19:09 proxy1 kernel: [1853341.778338] kamailio[20503]: 
> segfault at 18 ip b7064220 sp bf9c3370 error 4 in topoh.so[b7061000+d000]
>
> Feb  4 16:19:09 proxy1 sip[20503]: ERROR: <core> 
> [parser/parse_cseq.c:100]: ERROR: parse_cseq: bad cseq
>
> Feb  4 16:19:09 proxy1 sip[20503]: ERROR: <core> 
> [parser/msg_parser.c:158]: ERROR: get_hdr_field: bad cseq
>
> Feb  4 16:19:09 proxy1 sip[20503]: INFO: <core> 
> [parser/msg_parser.c:353]: ERROR: bad header field [CSeq: 1 REGISTER ACK]
>
> Feb  4 16:19:09 proxy1 sip[20500]: INFO: <script>: [ROUTE-1] Received 
> registration from sip:3564815798 at 195.191.29.11 
> <mailto:sip%3A3564815798 at 195.191.29.11> (180.148.1.3)
>
> Feb  4 16:19:09 proxy1 sip[20500]: INFO: <script>: [ROUTE-1 !] 
> Credentials invalid; issuing challenge
>
> Feb  4 16:19:09 proxy1 sip[20507]: ERROR: <core> 
> [parser/parse_cseq.c:97]: ERROR: CSeq EoL expected
>
> Feb  4 16:19:09 proxy1 sip[20507]: ERROR: <core> 
> [parser/parse_cseq.c:100]: ERROR: parse_cseq: bad cseq
>
> Feb  4 16:19:09 proxy1 sip[20507]: ERROR: <core> 
> [parser/msg_parser.c:158]: ERROR: get_hdr_field: bad cseq
>
> Feb  4 16:19:09 proxy1 sip[20507]: INFO: <core> 
> [parser/msg_parser.c:353]: ERROR: bad header field [CSeq: 1 REGISTER ACK]
>
> Feb  4 16:19:09 proxy1 kernel: [1853341.921334] kamailio[20507]: 
> segfault at 18 ip b7064220 sp bf9c3370 error 4 in topoh.so[b7061000+d000]
>
> Feb  4 16:19:09 proxy1 sip[20498]: ERROR: <core> 
> [parser/parse_cseq.c:97]: ERROR: CSeq EoL expected
>
> Feb  4 16:19:09 proxy1 sip[20498]: ERROR: <core> 
> [parser/parse_cseq.c:100]: ERROR: parse_cseq: bad cseq
>
> Feb  4 16:19:09 proxy1 sip[20498]: ERROR: <core> 
> [parser/msg_parser.c:158]: ERROR: get_hdr_field: bad cseq
>
> Feb  4 16:19:09 proxy1 sip[20498]: INFO: <core> 
> [parser/msg_parser.c:353]: ERROR: bad header field [CSeq: 1 REGISTER ACK]
>
> Feb  4 16:19:09 proxy1 kernel: [1853341.991430] kamailio[20498]: 
> segfault at 18 ip b7064220 sp bf9c3370 error 4 in topoh.so[b7061000+d000]
>
> Feb  4 16:19:09 proxy1 sip[20506]: ERROR: <core> 
> [parser/parse_cseq.c:97]: ERROR: CSeq EoL expected
>
> Feb  4 16:19:09 proxy1 sip[20506]: ERROR: <core> 
> [parser/parse_cseq.c:100]: ERROR: parse_cseq: bad cseq
>
> Feb  4 16:19:09 proxy1 sip[20506]: ERROR: <core> 
> [parser/msg_parser.c:158]: ERROR: get_hdr_field: bad cseq
>
> Feb  4 16:19:09 proxy1 sip[20506]: INFO: <core> 
> [parser/msg_parser.c:353]: ERROR: bad header field [CSeq: 1 REGISTER ACK]
>
> Feb  4 16:19:09 proxy1 kernel: [1853342.057429] kamailio[20506]: 
> segfault at 18 ip b7064220 sp bf9c3370 error 4 in topoh.so[b7061000+d000]
>
> Feb  4 16:19:09 proxy1 sip[20505]: ERROR: <core> 
> [parser/parse_cseq.c:97]: ERROR: CSeq EoL expected
>
> Feb  4 16:19:09 proxy1 sip[20505]: ERROR: <core> 
> [parser/parse_cseq.c:100]: ERROR: parse_cseq: bad cseq
>
> Feb  4 16:19:09 proxy1 sip[20505]: ERROR: <core> 
> [parser/msg_parser.c:158]: ERROR: get_hdr_field: bad cseq
>
> Feb  4 16:19:09 proxy1 sip[20505]: INFO: <core> 
> [parser/msg_parser.c:353]: ERROR: bad header field [CSeq: 1 REGISTER ACK]
>
> Feb  4 16:19:09 proxy1 kernel: [1853342.139751] kamailio[20505]: 
> segfault at 18 ip b7064220 sp bf9c3370 error 4 in topoh.so[b7061000+d000]
>
> Feb  4 16:19:09 proxy1 sip[20499]: ERROR: <core> 
> [parser/parse_cseq.c:97]: ERROR: CSeq EoL expected
>
> Feb  4 16:19:09 proxy1 sip[20499]: ERROR: <core> 
> [parser/parse_cseq.c:100]: ERROR: parse_cseq: bad cseq
>
> Feb  4 16:19:09 proxy1 sip[20499]: ERROR: <core> 
> [parser/msg_parser.c:158]: ERROR: get_hdr_field: bad cseq
>
> Feb  4 16:19:09 proxy1 sip[20499]: INFO: <core> 
> [parser/msg_parser.c:353]: ERROR: bad header field [CSeq: 1 REGISTER ACK]
>
> Feb  4 16:19:09 proxy1 kernel: [1853342.149429] kamailio[20499]: 
> segfault at 18 ip b7064220 sp bf9c3370 error 4 in topoh.so[b7061000+d000]
>
> Feb  4 16:19:09 proxy1 sip[20502]: ERROR: <core> 
> [parser/parse_cseq.c:97]: ERROR: CSeq EoL expected
>
> Feb  4 16:19:09 proxy1 sip[20502]: ERROR: <core> 
> [parser/parse_cseq.c:100]: ERROR: parse_cseq: bad cseq
>
> Feb  4 16:19:09 proxy1 sip[20502]: ERROR: <core> 
> [parser/msg_parser.c:158]: ERROR: get_hdr_field: bad cseq
>
> Feb  4 16:19:09 proxy1 sip[20502]: INFO: <core> 
> [parser/msg_parser.c:353]: ERROR: bad header field [CSeq: 1 REGISTER ACK]
>
> Feb  4 16:19:09 proxy1 kernel: [1853342.156097] kamailio[20502]: 
> segfault at 18 ip b7064220 sp bf9c3370 error 4 in topoh.so[b7061000+d000]
>
> Feb  4 16:19:09 proxy1 sip[20501]: ERROR: <core> 
> [parser/parse_cseq.c:97]: ERROR: CSeq EoL expected
>
> Feb  4 16:19:09 proxy1 sip[20501]: ERROR: <core> 
> [parser/parse_cseq.c:100]: ERROR: parse_cseq: bad cseq
>
> Feb  4 16:19:09 proxy1 sip[20501]: ERROR: <core> 
> [parser/msg_parser.c:158]: ERROR: get_hdr_field: bad cseq
>
> Feb  4 16:19:09 proxy1 sip[20501]: INFO: <core> 
> [parser/msg_parser.c:353]: ERROR: bad header field [CSeq: 1 REGISTER ACK]
>
> Feb  4 16:19:09 proxy1 kernel: [1853342.160097] kamailio[20501]: 
> segfault at 18 ip b7064220 sp bf9c3370 error 4 in topoh.so[b7061000+d000]
>
> Feb  4 16:19:09 proxy1 sip[20500]: ERROR: <core> 
> [parser/parse_cseq.c:97]: ERROR: CSeq EoL expected
>
> Feb  4 16:19:09 proxy1 sip[20500]: ERROR: <core> 
> [parser/parse_cseq.c:100]: ERROR: parse_cseq: bad cseq
>
> Feb  4 16:19:09 proxy1 sip[20500]: ERROR: <core> 
> [parser/msg_parser.c:158]: ERROR: get_hdr_field: bad cseq
>
> Feb  4 16:19:09 proxy1 sip[20500]: INFO: <core> 
> [parser/msg_parser.c:353]: ERROR: bad header field [CSeq: 1 REGISTER ACK]
>
> Feb  4 16:19:09 proxy1 kernel: [1853342.163561] kamailio[20500]: 
> segfault at 18 ip b7064220 sp bf9c3370 error 4 in topoh.so[b7061000+d000]
>
> Feb  4 16:19:09 proxy1 sip[20504]: ERROR: <core> 
> [parser/parse_cseq.c:97]: ERROR: CSeq EoL expected
>
> Feb  4 16:19:09 proxy1 sip[20504]: ERROR: <core> 
> [parser/parse_cseq.c:100]: ERROR: parse_cseq: bad cseq
>
> Feb  4 16:19:09 proxy1 sip[20504]: ERROR: <core> 
> [parser/msg_parser.c:158]: ERROR: get_hdr_field: bad cseq
>
> Feb  4 16:19:09 proxy1 sip[20504]: INFO: <core> 
> [parser/msg_parser.c:353]: ERROR: bad header field [CSeq: 1 REGISTER ACK]
>
> Feb  4 16:19:09 proxy1 kernel: [1853342.168357] kamailio[20504]: 
> segfault at 18 ip b7064220 sp bf9c3370 error 4 in topoh.so[b7061000+d000]
>
> Feb  4 16:19:13 proxy1 sip[20497]: ALERT: <core> [main.c:741]: child 
> process 20507 exited by a signal 11
>
>
>
> Regards,
> Brian
>
>
>>
>>     Regards
>>     Brian
>>
>
>
>
> _______________________________________________
> SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
> sr-users at lists.sip-router.org
> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users

-- 
Daniel-Constantin Mierla
http://www.asipto.com

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sip-router.org/pipermail/sr-users/attachments/20110204/a43245ba/attachment-0001.htm>

More information about the sr-users mailing list