Hi All.
I pulled dev12 from berlios tonight and found that auth_db seems to be causing a core dump when www_authorize and proxy_authorize are called.
Can anyone verify this as a bug?
Cheers, Paul
__________________________________ Do you Yahoo!? Yahoo! Mail - You care about security. So do we. http://promotions.yahoo.com/new_mail
the auth_db have not been touched for a while, but it can occur because of other changes. Please generate a core dump and, if possible, put it somewhere on a ftp/http server for download along with ser sources and binaries (compiled ser and modules), otherwise send it by mail to private address. Use "ulimit -c unlimited" to allow large core dumps into your system.
The back trace might be also enough, if it is a easy one ("gdb ser core_file", then "bt"), will point out where the bug is.
Daniel
On 10/29/04 05:54, Java Rockx wrote:
Hi All.
I pulled dev12 from berlios tonight and found that auth_db seems to be causing a core dump when www_authorize and proxy_authorize are called.
Can anyone verify this as a bug?
Cheers, Paul
__________________________________ Do you Yahoo!? Yahoo! Mail - You care about security. So do we. http://promotions.yahoo.com/new_mail
Serusers mailing list serusers@lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers
berlios cvs shows auth_db changed on 10.25.2004
Anyhow, here is the offending line in the core dump. If you still need the core dump I can put it on an FTP server.
out of bounds authorize.c Line 218: rpid.len = strlen(rpid.s);
Regards, Paul
#0 0xb72ef4ea in authorize (_m=0x8101480, _realm=0x1, _table=0x1 <Address 0x1 out of bounds>, _hftype=1) at authorize.c:218 218 rpid.len = strlen(rpid.s); (gdb) bt #0 0xb72ef4ea in authorize (_m=0x8101480, _realm=0x1, _table=0x1 <Address 0x1 out of bounds>, _hftype=1) at authorize.c:218 #1 0xb72eed97 in www_authorize (_m=0x1, _realm=0x1 <Address 0x1 out of bounds>, _table=0x1 <Address 0x1 out of bounds>) at authorize.c:273 #2 0x0804ef2a in do_action (a=0x80fe488, msg=0x8101480) at action.c:609 #3 0x0805077c in run_actions (a=0x80fe488, msg=0x8101480) at action.c:707 #4 0x0806e81d in eval_elem (e=0x80fe4c0, msg=0x80fe488) at route.c:574 #5 0x0806d01c in eval_expr (e=0x80fe4c0, msg=0x8101480) at route.c:623 #6 0x0806cfef in eval_expr (e=0x80fe4ec, msg=0x8101480) at route.c:639 #7 0x0804ee13 in do_action (a=0x80fe750, msg=0x8101480) at action.c:585 #8 0x0805077c in run_actions (a=0x80fe750, msg=0x8101480) at action.c:707 #9 0x0804ee49 in do_action (a=0x80fe928, msg=0x8101480) at action.c:599 #10 0x0805077c in run_actions (a=0x80fe928, msg=0x8101480) at action.c:707 #11 0x0804ee49 in do_action (a=0x80ff160, msg=0x8101480) at action.c:599 #12 0x0805077c in run_actions (a=0x80ff160, msg=0x8101480) at action.c:707 #13 0x0806a0db in receive_msg ( buf=0x80c3300 "REGISTER sip:sip.mycompany.com SIP/2.0\r\nVia: SIP/2.0/UDP 192.168.0.83;branch=z9hG4bKcd79a72929d59b77\r\nFrom: "Paul (1002)" sip:1002@sip.mycompany.com;user=phone;tag=c5b0a82a0a7e379f\r\nTo: <sip:1002@sip.mycom"..., len=684, rcv_info=0xbfffc030) at receive.c:165 #14 0x0807b99a in udp_rcv_loop () at udp_server.c:458 #15 0x0805b9a4 in main_loop () at main.c:910 #16 0x0805cd8c in main (argc=2, argv=0xb52bc43c) at main.c:1443
--- Daniel-Constantin Mierla Daniel-Constantin.Mierla@fokus.fraunhofer.de wrote:
the auth_db have not been touched for a while, but it can occur because of other changes. Please generate a core dump and, if possible, put it somewhere on a ftp/http server for download along with ser sources and binaries (compiled ser and modules), otherwise send it by mail to private address. Use "ulimit -c unlimited" to allow large core dumps into your system.
The back trace might be also enough, if it is a easy one ("gdb ser core_file", then "bt"), will point out where the bug is.
Daniel
On 10/29/04 05:54, Java Rockx wrote:
Hi All.
I pulled dev12 from berlios tonight and found that auth_db seems to be
causing
a core dump when www_authorize and proxy_authorize are called.
Can anyone verify this as a bug?
Cheers, Paul
__________________________________ Do you Yahoo!? Yahoo! Mail - You care about security. So do we. http://promotions.yahoo.com/new_mail
Serusers mailing list serusers@lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers
__________________________________ Do you Yahoo!? Yahoo! Mail Address AutoComplete - You start. We finish. http://promotions.yahoo.com/new_mail
On 10/29/04 08:37, Java Rockx wrote:
berlios cvs shows auth_db changed on 10.25.2004
yes, i was too sleepy, I should have taken the shower before reading the mailing list :-) ... Maxim did some recent changes which added some avp operations.
Anyhow, here is the offending line in the core dump. If you still need the core dump I can put it on an FTP server.
out of bounds authorize.c Line 218: rpid.len = strlen(rpid.s);
seems that the rpid.s is not zero terminated or is something else wrong there ... maybe rpid uninitialized ... I will take a look.
Thanks for reporting, Daniel
Regards, Paul
#0 0xb72ef4ea in authorize (_m=0x8101480, _realm=0x1, _table=0x1 <Address 0x1 out of bounds>, _hftype=1) at authorize.c:218 218 rpid.len = strlen(rpid.s); (gdb) bt #0 0xb72ef4ea in authorize (_m=0x8101480, _realm=0x1, _table=0x1 <Address 0x1 out of bounds>, _hftype=1) at authorize.c:218 #1 0xb72eed97 in www_authorize (_m=0x1, _realm=0x1 <Address 0x1 out of bounds>, _table=0x1 <Address 0x1 out of bounds>) at authorize.c:273 #2 0x0804ef2a in do_action (a=0x80fe488, msg=0x8101480) at action.c:609 #3 0x0805077c in run_actions (a=0x80fe488, msg=0x8101480) at action.c:707 #4 0x0806e81d in eval_elem (e=0x80fe4c0, msg=0x80fe488) at route.c:574 #5 0x0806d01c in eval_expr (e=0x80fe4c0, msg=0x8101480) at route.c:623 #6 0x0806cfef in eval_expr (e=0x80fe4ec, msg=0x8101480) at route.c:639 #7 0x0804ee13 in do_action (a=0x80fe750, msg=0x8101480) at action.c:585 #8 0x0805077c in run_actions (a=0x80fe750, msg=0x8101480) at action.c:707 #9 0x0804ee49 in do_action (a=0x80fe928, msg=0x8101480) at action.c:599 #10 0x0805077c in run_actions (a=0x80fe928, msg=0x8101480) at action.c:707 #11 0x0804ee49 in do_action (a=0x80ff160, msg=0x8101480) at action.c:599 #12 0x0805077c in run_actions (a=0x80ff160, msg=0x8101480) at action.c:707 #13 0x0806a0db in receive_msg ( buf=0x80c3300 "REGISTER sip:sip.mycompany.com SIP/2.0\r\nVia: SIP/2.0/UDP 192.168.0.83;branch=z9hG4bKcd79a72929d59b77\r\nFrom: "Paul (1002)" sip:1002@sip.mycompany.com;user=phone;tag=c5b0a82a0a7e379f\r\nTo: <sip:1002@sip.mycom"..., len=684, rcv_info=0xbfffc030) at receive.c:165 #14 0x0807b99a in udp_rcv_loop () at udp_server.c:458 #15 0x0805b9a4 in main_loop () at main.c:910 #16 0x0805cd8c in main (argc=2, argv=0xb52bc43c) at main.c:1443
--- Daniel-Constantin Mierla Daniel-Constantin.Mierla@fokus.fraunhofer.de wrote:
the auth_db have not been touched for a while, but it can occur because of other changes. Please generate a core dump and, if possible, put it somewhere on a ftp/http server for download along with ser sources and binaries (compiled ser and modules), otherwise send it by mail to private address. Use "ulimit -c unlimited" to allow large core dumps into your system.
The back trace might be also enough, if it is a easy one ("gdb ser core_file", then "bt"), will point out where the bug is.
Daniel
On 10/29/04 05:54, Java Rockx wrote:
Hi All.
I pulled dev12 from berlios tonight and found that auth_db seems to be
causing
a core dump when www_authorize and proxy_authorize are called.
Can anyone verify this as a bug?
Cheers, Paul
__________________________________ Do you Yahoo!? Yahoo! Mail - You care about security. So do we. http://promotions.yahoo.com/new_mail
Serusers mailing list serusers@lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers
__________________________________ Do you Yahoo!? Yahoo! Mail Address AutoComplete - You start. We finish. http://promotions.yahoo.com/new_mail
the problem is that in the definition of the table subscriber the value of rpid column is by default set to NULL, so the query to mysql will return NULL if there is no rpid value for a user. The quick fix should be to test if rpid.s==NULL before doing the strlen() at line 218 in authorize.c (replace that line with: if(rpid.s!=0) rpid.len = strlen(rpid.s); ). I have no time to test it now, could yo check if this solves the issue?
A bit later I can do the tests and send a patch, if the issue is still open.
Daniel
On 10/29/04 10:20, Daniel-Constantin Mierla wrote:
On 10/29/04 08:37, Java Rockx wrote:
berlios cvs shows auth_db changed on 10.25.2004
yes, i was too sleepy, I should have taken the shower before reading the mailing list :-) ... Maxim did some recent changes which added some avp operations.
Anyhow, here is the offending line in the core dump. If you still need the core dump I can put it on an FTP server.
out of bounds authorize.c Line 218: rpid.len = strlen(rpid.s);
seems that the rpid.s is not zero terminated or is something else wrong there ... maybe rpid uninitialized ... I will take a look.
Thanks for reporting, Daniel
Regards, Paul
#0 0xb72ef4ea in authorize (_m=0x8101480, _realm=0x1, _table=0x1
<Address 0x1 out of bounds>, _hftype=1) at authorize.c:218 218 rpid.len = strlen(rpid.s); (gdb) bt #0 0xb72ef4ea in authorize (_m=0x8101480, _realm=0x1, _table=0x1 <Address 0x1 out of bounds>, _hftype=1) at authorize.c:218 #1 0xb72eed97 in www_authorize (_m=0x1, _realm=0x1 <Address 0x1 out of bounds>, _table=0x1 <Address 0x1 out of bounds>) at authorize.c:273 #2 0x0804ef2a in do_action (a=0x80fe488, msg=0x8101480) at action.c:609 #3 0x0805077c in run_actions (a=0x80fe488, msg=0x8101480) at action.c:707 #4 0x0806e81d in eval_elem (e=0x80fe4c0, msg=0x80fe488) at route.c:574 #5 0x0806d01c in eval_expr (e=0x80fe4c0, msg=0x8101480) at route.c:623 #6 0x0806cfef in eval_expr (e=0x80fe4ec, msg=0x8101480) at route.c:639 #7 0x0804ee13 in do_action (a=0x80fe750, msg=0x8101480) at action.c:585 #8 0x0805077c in run_actions (a=0x80fe750, msg=0x8101480) at action.c:707 #9 0x0804ee49 in do_action (a=0x80fe928, msg=0x8101480) at action.c:599 #10 0x0805077c in run_actions (a=0x80fe928, msg=0x8101480) at action.c:707 #11 0x0804ee49 in do_action (a=0x80ff160, msg=0x8101480) at action.c:599 #12 0x0805077c in run_actions (a=0x80ff160, msg=0x8101480) at action.c:707 #13 0x0806a0db in receive_msg ( buf=0x80c3300 "REGISTER sip:sip.mycompany.com SIP/2.0\r\nVia: SIP/2.0/UDP 192.168.0.83;branch=z9hG4bKcd79a72929d59b77\r\nFrom: \"Paul (1002)\" <sip:1002@sip.mycompany.com;user=phone>;tag=c5b0a82a0a7e379f\r\nTo: <sip:1002@sip.mycom"..., len=684, rcv_info=0xbfffc030) at receive.c:165 #14 0x0807b99a in udp_rcv_loop () at udp_server.c:458 #15 0x0805b9a4 in main_loop () at main.c:910 #16 0x0805cd8c in main (argc=2, argv=0xb52bc43c) at main.c:1443
--- Daniel-Constantin Mierla Daniel-Constantin.Mierla@fokus.fraunhofer.de wrote:
the auth_db have not been touched for a while, but it can occur because of other changes. Please generate a core dump and, if possible, put it somewhere on a ftp/http server for download along with ser sources and binaries (compiled ser and modules), otherwise send it by mail to private address. Use "ulimit -c unlimited" to allow large core dumps into your system.
The back trace might be also enough, if it is a easy one ("gdb ser core_file", then "bt"), will point out where the bug is.
Daniel
On 10/29/04 05:54, Java Rockx wrote:
Hi All.
I pulled dev12 from berlios tonight and found that auth_db seems to be
causing
a core dump when www_authorize and proxy_authorize are called.
Can anyone verify this as a bug?
Cheers, Paul
Do you Yahoo!? Yahoo! Mail - You care about security. So do we. http://promotions.yahoo.com/new_mail
Serusers mailing list serusers@lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers
Do you Yahoo!? Yahoo! Mail Address AutoComplete - You start. We finish. http://promotions.yahoo.com/new_mail
Serusers mailing list serusers@lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers
Also a procedural note": use serdev for discussion of development. serusers is list for serusers, serdev is list for developers.
-jiri
Hi Paul,
looks like the bug is in the new code inserted by Maxim. I will try to find out what is the problem. If something more is needed, I will let you know.
thanks for the report, bogdan
Java Rockx wrote:
berlios cvs shows auth_db changed on 10.25.2004
Anyhow, here is the offending line in the core dump. If you still need the core dump I can put it on an FTP server.
out of bounds authorize.c Line 218: rpid.len = strlen(rpid.s);
Regards, Paul
#0 0xb72ef4ea in authorize (_m=0x8101480, _realm=0x1, _table=0x1 <Address 0x1 out of bounds>, _hftype=1) at authorize.c:218 218 rpid.len = strlen(rpid.s); (gdb) bt #0 0xb72ef4ea in authorize (_m=0x8101480, _realm=0x1, _table=0x1 <Address 0x1 out of bounds>, _hftype=1) at authorize.c:218 #1 0xb72eed97 in www_authorize (_m=0x1, _realm=0x1 <Address 0x1 out of bounds>, _table=0x1 <Address 0x1 out of bounds>) at authorize.c:273 #2 0x0804ef2a in do_action (a=0x80fe488, msg=0x8101480) at action.c:609 #3 0x0805077c in run_actions (a=0x80fe488, msg=0x8101480) at action.c:707 #4 0x0806e81d in eval_elem (e=0x80fe4c0, msg=0x80fe488) at route.c:574 #5 0x0806d01c in eval_expr (e=0x80fe4c0, msg=0x8101480) at route.c:623 #6 0x0806cfef in eval_expr (e=0x80fe4ec, msg=0x8101480) at route.c:639 #7 0x0804ee13 in do_action (a=0x80fe750, msg=0x8101480) at action.c:585 #8 0x0805077c in run_actions (a=0x80fe750, msg=0x8101480) at action.c:707 #9 0x0804ee49 in do_action (a=0x80fe928, msg=0x8101480) at action.c:599 #10 0x0805077c in run_actions (a=0x80fe928, msg=0x8101480) at action.c:707 #11 0x0804ee49 in do_action (a=0x80ff160, msg=0x8101480) at action.c:599 #12 0x0805077c in run_actions (a=0x80ff160, msg=0x8101480) at action.c:707 #13 0x0806a0db in receive_msg ( buf=0x80c3300 "REGISTER sip:sip.mycompany.com SIP/2.0\r\nVia: SIP/2.0/UDP 192.168.0.83;branch=z9hG4bKcd79a72929d59b77\r\nFrom: "Paul (1002)" sip:1002@sip.mycompany.com;user=phone;tag=c5b0a82a0a7e379f\r\nTo: <sip:1002@sip.mycom"..., len=684, rcv_info=0xbfffc030) at receive.c:165 #14 0x0807b99a in udp_rcv_loop () at udp_server.c:458 #15 0x0805b9a4 in main_loop () at main.c:910 #16 0x0805cd8c in main (argc=2, argv=0xb52bc43c) at main.c:1443
--- Daniel-Constantin Mierla Daniel-Constantin.Mierla@fokus.fraunhofer.de wrote:
the auth_db have not been touched for a while, but it can occur because of other changes. Please generate a core dump and, if possible, put it somewhere on a ftp/http server for download along with ser sources and binaries (compiled ser and modules), otherwise send it by mail to private address. Use "ulimit -c unlimited" to allow large core dumps into your system.
The back trace might be also enough, if it is a easy one ("gdb ser core_file", then "bt"), will point out where the bug is.
Daniel
On 10/29/04 05:54, Java Rockx wrote:
Hi All.
I pulled dev12 from berlios tonight and found that auth_db seems to be
causing
a core dump when www_authorize and proxy_authorize are called.
Can anyone verify this as a bug?
Cheers, Paul
__________________________________ Do you Yahoo!? Yahoo! Mail - You care about security. So do we. http://promotions.yahoo.com/new_mail
Serusers mailing list serusers@lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers
__________________________________ Do you Yahoo!? Yahoo! Mail Address AutoComplete - You start. We finish. http://promotions.yahoo.com/new_mail
Serusers mailing list serusers@lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers
-
Bogdan-Andrei IANCU -
Daniel-Constantin Mierla -
Java Rockx -
Jiri Kuthan