[SR-Users] kamailio 4.4.1 crash on bad sip response

David Escartín Almudévar descartin at bts.io
Fri Mar 24 12:10:06 CET 2017


hello all 

we have experienced a crash and tracing the logs and the core, seems it
was because a sip response from an endpoint.
a UDP receiver (26248) crashed and the last message we see on it is a
487 quite bad formed

Mar 24 01:58:02
mia-proxy-inout-1-stby /usr/local/kamailio/sbin/kamailio[26248]: ERROR:
tm [t_lookup.c:1055]: t_check_msg(): ERROR: reply doesn't have a via,
cseq or call-id header
Mar 24 01:58:17
mia-proxy-inout-1-stby /usr/local/kamailio/sbin/kamailio[26230]: ALERT:
<core> [main.c:739]: handle_sigs(): child process 26248 exited by a
signal 11


the backtrace of the core
(gdb) backtrace
#0  0x0000000000457ab9 in get_hash1_case_raw (s=0x0, len=0) at
hashes.h:210
#1  0x000000000045b472 in _dns_hash_find (name=0x7f6906943188, type=1,
h=0x7fff120793cc, err=0x7fff120793ac) at dns_cache.c:535
#2  0x0000000000461285 in dns_hash_get (name=0x7f6906943188, type=1,
h=0x7fff120793cc, err=0x7fff120793ac) at dns_cache.c:762
#3  0x0000000000467194 in dns_get_entry (name=0x7f6906943188, type=1) at
dns_cache.c:2102
#4  0x0000000000468a05 in dns_a_get_he (name=0x7f6906943188) at
dns_cache.c:2432
#5  0x0000000000468bb9 in dns_get_he (name=0x7f6906943188, flags=1) at
dns_cache.c:2505
#6  0x00000000004696c4 in dns_srv_sip_resolvehost (name=0x7f6906943188,
port=0x7fff120795e2, proto=0x7fff120795e1 "\001\330\023") at
dns_cache.c:2679
#7  0x000000000046aa37 in dns_sip_resolvehost (name=0x7f6906943188,
port=0x7fff120795e2, proto=0x7fff120795e1 "\001\330\023") at
dns_cache.c:2849
#8  0x000000000049519e in update_sock_struct_from_via
(to=0x7fff12079708, msg=0x7f69069a1dd8, via=0x7f69068f82a8) at
forward.c:704
#9  0x0000000000495ee5 in do_forward_reply (msg=0x7f69069a1dd8, mode=0)
at forward.c:766
#10 0x00000000004970af in forward_reply (msg=0x7f69069a1dd8) at
forward.c:849
#11 0x00000000005197ef in receive_msg (
    buf=0xab0d80 "SIP/2.0 487 Request Terminated\r\nFrom: \"8888888888
\"<sip:8888888888 at 7.7.7.7;user=phone>;tag=B7jgc8jQ4m5pB\r\nTo:
<sip:555555555 at 8.8.8.8:5060>;tag=e0d50be-13c4-58d47cba-a2ed9808-36fa\r
\nl\337K\016"..., len=367, rcv_info=0x7fff12079a10) at receive.c:299
#12 0x0000000000627b43 in udp_rcv_loop () at udp_server.c:495
#13 0x00000000004b107a in main_loop () at main.c:1600
#14 0x00000000004b842f in main (argc=13, argv=0x7fff12079fb8) at
main.c:2616


i have tried to duplicate the issue, but i dont know how to translate l
\337K\016 to a xml notation
i guess this is some weird that cannot be processed for kamailio

could you please take a look and let me know if you know how to
duplicate and fix this crash?

thanks a lot and regards
david
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sip-router.org/pipermail/sr-users/attachments/20170324/5998187e/attachment.html>


More information about the sr-users mailing list