[OpenSIPS-Devel] [ opensips-Bugs-3606875 ] PUA_DIALOGINFO: crash

SourceForge.net noreply at sourceforge.net
Thu Mar 7 16:31:24 CET 2013 

Bugs item #3606875, was opened at 2013-03-04 22:59
Message generated for change (Comment added) made by bogdan_iancu
You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=1086410&aid=3606875&group_id=232389

Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: modules
Group: 1.8.x
Status: Open
Resolution: None
Priority: 5
Private: No
Submitted By: Nick Altmann (nikbyte)
>Assigned to: Bogdan-Andrei Iancu (bogdan_iancu)
Summary: PUA_DIALOGINFO: crash

Initial Comment:
Ver. 1.8 svn #9623 and also the same code in trunk.

#1  0x00007fd89c660969 in memcpy (state=0x7fd89c665443 "confirmed", entity=0x7fff028f5800, peer=0x7fff028f5590, callid=0x7fd8945a7518,
    initiator=1, localtag=0x0, remotetag=0x0) at /usr/include/bits/string3.h:52
#2  build_dialoginfo (state=0x7fd89c665443 "confirmed", entity=0x7fff028f5800, peer=0x7fff028f5590, callid=0x7fd8945a7518,
    initiator=1, localtag=0x0, remotetag=0x0) at dialog_publish.c:77
#3  0x00007fd89c661632 in dialog_publish (state=<value optimized out>, entity=0x7fff028f5800, peer=<value optimized out>,
    callid=0x7fd8945a7518, initiator=<value optimized out>, lifetime=43200, localtag=0x0, remotetag=0x0) at dialog_publish.c:299
#4  0x00007fd89c663e74 in __dialog_sendpublish (dlg=0x7fd8945a74b8, type=<value optimized out>, _params=0x7fd8a1f39020)
    at pua_dialoginfo.c:355

The problem is in __dialog_sendpublish() from passed as entity into dialog_publish() and equal:
(gdb) p entity
$9 = (struct to_body *) 0x7fff028f5800
(gdb) p entity->uri
$10 = {s = 0x0, len = 42}


----------------------------------------------------------------------

>Comment By: Bogdan-Andrei Iancu (bogdan_iancu)
Date: 2013-03-07 07:31

Message:
Thanks to all info from Nick, it seems that the from uri from dlg structure
is corrupted (len is set, but pointer is NULL) .

Investigating...... 

----------------------------------------------------------------------

Comment By: Nick Altmann (nikbyte)
Date: 2013-03-04 23:02

Message:
Also From: in request or reply is okay.


----------------------------------------------------------------------

You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=1086410&aid=3606875&group_id=232389

More information about the Devel mailing list