From 5f6bf9a8207697915ded431d5e2d6de9e1fd8664 Mon Sep 17 00:00:00 2001 From: David Vossel Date: Fri, 6 Nov 2009 17:07:13 +0000 Subject: [PATCH] fixes segfault in iLBC For reasons not yet known, it appears possible for an ast_frame to have a datalen greater than zero while the actual data is NULL during Packet Loss Concealment. Most codecs don't support PLC so this doesn't affect them. This patch catches the malformed frame and prevents the crash from occuring. Additional efforts to determine why it is possible for a frame to look like this are still being investigated. (issue #16979) git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.4@228418 65c4cc65-6c06-0410-ace0-fbb531ad65f3 --- codecs/codec_ilbc.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/codecs/codec_ilbc.c b/codecs/codec_ilbc.c index b5fc9bf32c..118ee67895 100644 --- a/codecs/codec_ilbc.c +++ b/codecs/codec_ilbc.c @@ -127,6 +127,11 @@ static int ilbctolin_framein(struct ast_trans_pvt *pvt, struct ast_frame *f) int16_t *dst = (int16_t *)pvt->outbuf; float tmpf[ILBC_SAMPLES]; + if (!f->data && f->datalen) { + ast_log(LOG_DEBUG, "issue 16070, ILIB ERROR. data = NULL datalen = %d src = %s\n", f->datalen, f->src ? f->src : "no src set"); + f->datalen = 0; + } + if (f->datalen == 0) { /* native PLC, set fake f->datalen and clear plc_mode */ f->datalen = ILBC_FRAME_LEN; f->samples = ILBC_SAMPLES;