I observed a crash in res_musiconhold on an Asterisk 11 system using realtime
MOH. Investigation of the backtrace showed a corrupt mohclass, implying that
it got destroyed before the code expected it to. I went looking for reference
counting errors that could have caused this crash and this patch this result.
It contains 2 changes.
1) Remove a usless block of code that was impossible to reach. There was even
a comment indicating that it was impossible to reach. The conditional includes
"!ast_test_flag(global_flags, MOH_CACHERTCLASSES)" and it's inside of an if
block with the opposite check "ast_test_flag(global_flags,
MOH_CACHERTCLASSES)". There's no good reason to keep it around.
2) A similar block to #1 contained a reference counting error. It stores
state->class in the local variable mohclass without increasing its reference
count. The reference count on mohclass is decremented at the end of the
function. This block of code probably very rarely runs, which would help
explain why this system was working fine for many months before experiencing a
crash.
Review: https://reviewboard.asterisk.org/r/3282/
........
Merged revisions 410043 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 410044 from http://svn.asterisk.org/svn/asterisk/branches/11
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/12@410090 65c4cc65-6c06-0410-ace0-fbb531ad65f3
* Made exit a loop early on error in ast_sorcery_objectset_json_create().
* Removed some dead code in ast_sorcery_objectset_create2().
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/12@410089 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Transport TOS values were interpreted as DSCP values without being documented
as such. Endpoint TOS values (tos_audio/tos_video) behaved normally as TOS
values have historically. This patch makes the transport TOS values behave as
TOS values and makes all TOS values readable as string values (e.g. AF11).
In addition, alembic scripts have been updated to use the proper field types
for all TOS/COS values.
(issue ASTERISK-23235)
Reported by: George Joseph
Review: https://reviewboard.asterisk.org/r/3304/
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/12@410028 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Attempting to link a NULL object into an ao2 container had been benign previously, but since
enabling DO_CRASH in the testsuite, this is now causing a crash. It's better to be right
here anyway.
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/12@410011 65c4cc65-6c06-0410-ace0-fbb531ad65f3
This patch creates the AST_SORCERY dialplan function which allows someone to
retrieve any value from a sorcery-based config file. It's similar to
AST_CONFIG.
The creation of the function itself was fairly straightforward but it required
changes to the underlying sorcery infrastructure that rippled into individual
sorcery objects. The changes stemmed from inconsistencies in how sorcery
created ast_variable objectsets from sorcery objects and the inconsistency
in how individual objects used that feature especially when it came to
parameters that can be specified multiple times like contact in aor and match
in identify. You can read more here...
http://lists.digium.com/pipermail/asterisk-dev/2014-February/065202.html
So, what this patch does, besides actually creating the AST_SORCERY function,
is the following...
* Creates ast_variable_list_append which is a helper to append one ast_variable
list to another.
* Modifies the ast_sorcery_object_field_register functions to accept the
already-defined sorcery_fields_handler callback.
* Modifies ast_sorcery_objectset_create to accept a parameter indicating return
type preference...a single ast_variable with all values concatenated or an
ast_variable list with multiple entries. Also fixed a few bugs.
* Modifies individual sorcery object implementations to use the new function
definition of the ast_sorcery_object_field_register functions.
* Modifies location.c and res_pjsip_endpoint_identifier_ip.c to implement
sorcery_fields_handler handlers so they return multiple occurrences as an
ast_variable_list.
* Added a whole bunch of tests to test_sorcery.
(closes issue ASTERISK-22537)
Review: http://reviewboard.asterisk.org/r/3254/
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/12@410006 65c4cc65-6c06-0410-ace0-fbb531ad65f3
When acting as a T.38 fax gateway, res_fax_spandsp would at times cause a crash
in libspandsp. This would occur when, during fax tone detection, a ulaw/alaw
frame would be passed to modem_connect_tones_rx. That particular routine
expects the data to be in slin format. This patch looks at the frame type and,
if the data is ulaw/alaw, converts the format to slin before passing it to
modem_connect_tones_rx.
Review: https://reviewboard.asterisk.org/r/3296
(closes issue ASTERISK-20149)
Reported by: Alexandr Gordeev
Tested by: Michal Rybarik
patches:
spandsp_g711decode.diff uploaded by Michal Rybarik (license 6578)
........
Merged revisions 409990 from http://svn.asterisk.org/svn/asterisk/branches/11
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/12@409991 65c4cc65-6c06-0410-ace0-fbb531ad65f3
It is possible for a channel to be masqueraded out of a bridge which
means it may no longer have RTP glue to check upon leaving said bridge.
If this situation occurred (it's possible at least during dial and call
pickup) then Asterisk would crash. This change makes sure the glue is
checked before use.
(closes issue AST-1290)
Reported by: John Bigelow
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/12@409900 65c4cc65-6c06-0410-ace0-fbb531ad65f3
* Added the queues and queue_members tables to the config alembic scripts.
* Added the CDR table alembic creation script. The CDR table is more of
an example for new setups since the actual table can be fully customized
in cdr_adaptive_odbc.conf.
(closes issue ASTERISK-23233)
Reported by: jmls
Review: https://reviewboard.asterisk.org/r/3227/
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/12@409885 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Several fixes for the WebSockets implementation in res/res_http_websocket.c
* Flush the websocket session FILE* as fwrite() may not actually guarantee sending
the data to the network. If we do not flush, it seems that buffering on the SSL
socket for outbound messages causes issues
* Refactored ast_websocket_read to take into account that SSL file descriptors
may be ready to read via fread() but poll() will not actually say so because
the data was already read from the network buffers and is now in the libc buffers
(closes issue ASTERISK-23099)
(closes issue ASTERISK-21930)
Review: https://reviewboard.asterisk.org/r/3248/
........
Merged revisions 409681 from http://svn.asterisk.org/svn/asterisk/branches/11
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/12@409697 65c4cc65-6c06-0410-ace0-fbb531ad65f3
........
rtp_engine: Clean up after a failed remote bridge
Upon failure of an INVITE transaction meant to initiate a remote native
bridge, rtp_engine.c would not clean up non-reference-counted bridge
instance pointers leaving a dangling pointer which was being used to
perform a local native bridge after the other channel had hung up. This
lead to dereferencing into freed memory and plenty of AO2 errors. This
change allows the remote native bridge loop to clean up properly when
the bridge fails.
(closes issue ASTERISK-23310)
Reported by: Jeremy Laine
........
Merged revisions 409521 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/12@409525 65c4cc65-6c06-0410-ace0-fbb531ad65f3
This change passes options to the UAS creation function. This in turn
sets up 100rel and session timer properties on the incoming session.
Reported by Julian Russell on asterisk-users mailing list.
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/12@409287 65c4cc65-6c06-0410-ace0-fbb531ad65f3
* Remove some unnecessary RAII_VAR() usage.
* Made the struct stasis_subscription ao2 object use the ao2 lock instead
of a redundant join_lock in the struct for ast_cond_wait().
* Removed locks on some ao2 objects that don't need the lock.
* Made the topic pool entries container use the ao2 template functions.
* Add some missing allocation failure checks.
* Add missing cleanup in off nominal path of dispatch_message().
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/12@409270 65c4cc65-6c06-0410-ace0-fbb531ad65f3
During the rewrite of AMI events to use the Stasis bus, the name of the
QueueMemberPaused event was changed to QueueMemberPause. This corrects
documentation to reflect that.
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/12@409234 65c4cc65-6c06-0410-ace0-fbb531ad65f3
........
app_queue: Fix documentation generation
The documentation for QueueMemberPaused was causing documentation
generation to fail because the documentation for that AMI event was in
the wrong location. This moves that documentation the correct location
and adds a missing parameter.
(closes issue SWDAT-261)
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/12@409209 65c4cc65-6c06-0410-ace0-fbb531ad65f3
........
r409129 | jrose | 2014-02-27 13:19:02 -0600 (Thu, 27 Feb 2014) | 15 lines
res_rtp_asterisk: Fix checklist creating problems in ICE sessions
Prior to this patch, local candidate lists including SRFLX would fail to start
properly when building ICE candidate check lists. This patch fixes that problem
by making sure that each SRFLX candidate is associated with the proper
base address so that the check list can create matches properly.
This patch was written by jcolp. The issue will be left open to await testing
by the issue participants.
(issue ASTERISK-23213)
Reported by: Andrea Suisani
Review: https://reviewboard.asterisk.org/r/3256/
........
r409130 | jrose | 2014-02-27 13:38:10 -0600 (Thu, 27 Feb 2014) | 8 lines
res_rtp_asterisk: correct build error from r409129
Accidentally placed a declaration below functional code
(issue ASTERISK-23213)
Reported by: Andrea Suisani
Review: https://reviewboard.asterisk.org/r/3256/
........
Merged revisions 409129-409130 from http://svn.asterisk.org/svn/asterisk/branches/11
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/12@409131 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Note that this is blocked in 12 as channels are no longer masqueraded out
of bridges. The channel cannot be replaced with a ZOMBIE channel in the
affected routine.
........
rtp_engine: fix crash during remote native bridging when calling get_codecs
When two RTP channels are in a remote bridge, the remote bridging loop in
rtp_engine will periodically check to see if the two channels can still be
bridged. One of the many things it checks is whether or not the codecs have
changed on the channel. If the codec has changed, it will break out of the
loop to re-determine which type of bridge is appropriate.
In order to perform this check, the ast_rtp_glue virtual table's get_codec
callback is called for each channel. The callback implementations assume
that the channel tech private is valid when called; as such, there has
always been some code in place to check whether or not the channel pvt is
NULL before calling. However, this check is insufficient.
The channels are unlocked during the remote bridging loop. It is possible
for a channel to get masqueraded between the check for the pvt being NULL and
the actual call to get_codec. When this occurs, the callback is called with a
ZOMBIE channel, which now has a NULL pvt. Crash.
While this has always been possible in Asterisk 1.8, it is much more likely to
occur in Asterisk 11 and later versions due to the timing changes that occur
when getting the codec from a channel. Note that this is much more likely to be
reproduced on slow, boggy hardware running Asterisk 11 - but fairly rarely
otherwise.
Also Note: This crash was also caught by the various SIP blind transfer tests,
in addition to the bug report Alec filed.
Review: https://reviewboard.asterisk.org/r/3247/
(closes issue ASTERISK-21737)
Reported by: Alec Davis
Tested by: Alec Davis
........
Merged revisions 409001 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/12@409003 65c4cc65-6c06-0410-ace0-fbb531ad65f3
The setting 'use_ptime' is supposed to tell Asterisk to honour the ptime
attribute in an offer, preferring it to whatever packetization
preferences have been set internally. Currently, however, something
rather quirky will happen:
(1) The SDP answer will be constructed in create_outgoing_sdp_stream.
This will use the preferences from the endpoint, such that the 200 OK
response will add the packetization preferences from the endpoint, and
not what was offered.
(2) When the 200 response is issued, apply_negotiated_sdp_stream is called.
This will call apply_packetization, which will use the ptime attribute
from the offer internally.
We end up telling the offerer to use the internal ptime attribute, but we end
up using the offered ptime attribute. Hilarity ensues.
This patch modifies the behaviour by calling apply_packetization from
negotiate_incoming_sdp_stream, which is called prior to
create_outgoing_sdp_stream. This causes the format preferences on the
session's media object to be set to the inbound ptime value (if 'use_ptime'
is enabled), such that the construction of the answer gets the right value
immediately.
Review: https://reviewboard.asterisk.org/r/3244/
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/12@408999 65c4cc65-6c06-0410-ace0-fbb531ad65f3
* Make the consumer ao2 object use the ao2 lock instead of a redundant
lock in the struct for ast_cond_wait().
* Fixed some curly brace placements.
* Fixed use of malloc(0). malloc(0) has variant behavior. It is up to
the implementation to determine if it returns NULL or a valid pointer that
can be later passed to free().
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/12@408983 65c4cc65-6c06-0410-ace0-fbb531ad65f3
When accidentally compiling against a wrong version of
pjsip headers with a different pjsip_inv_session size,
the invite_tsx structure could be null in the answer()
function. This led to a crash because it attempted to
send the session response with an uninitialized packet
pointer. This patch presets packet to null and adds a
diagnostic log message to explain why the call fails.
Review: https://reviewboard.asterisk.org/r/3267/
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/12@408970 65c4cc65-6c06-0410-ace0-fbb531ad65f3
This change makes some error cases use ast_ari_response_error to construct their
error responses instead of manually doing it. This ensures they are consistent
with the other error responses.
Based on the original patch as done by Paul Belanger on the associated review.
Review: https://reviewboard.asterisk.org/r/2904/
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/12@408957 65c4cc65-6c06-0410-ace0-fbb531ad65f3
It is currently possible for an ast_sip_session to exist without an
associated channel as is the case when a new invite is coming in or
just after a hangup is issued on a chan_pjsip channel. Part of the
attended transfer code assumed the channel would be non-NULL and used
it as such causing a crash. This bug was exposed thanks to the attended
transfer ARI test in the test suite.
(closes issue ASTERISK-23287)
Reported by: Matt Jordan
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/12@408941 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Added the ability for transferring directly to voicemail on digium phones.
Added a new module that checks for the presence of a custom header and/or
diversion header within a sip REFER. If either is found and they specify
a sending to voicemail action then variables are added to the channel
allowing the user access to them in the dialplan. Dialplan can then be
written that branches based upon these values allowing, for instace, for
a single number to be used for dialing and/or accessing voicemail directly.
Also fixed a problem where the PJSIP_HEADER function was allowing non pjsip
channels through (checked to make sure it has the correct channel type before
proceeding).
Review: https://reviewboard.asterisk.org/r/3245/
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/12@408880 65c4cc65-6c06-0410-ace0-fbb531ad65f3
It is possible to pre-load pbx_config. As a result, pbx_config - which will
load and parse the dialplan - will attempt to use various dialplan components,
such as device state providers and presence state providers, prior to them
being initialized by the core. This would lead to a crash, as the components
had not created their Stasis cache entries.
This patch moves a number of core component initializations before the module
pre-load. This guarantees that if someone does pre-load pbx_config - or other
pbx modules - that the Stasis caches for the various core components are
created.
(closes issue ASTERISK-23320)
Reported by: xrobau
(closes issue ASTERISK-23265)
Reported by: Andrew Nagy
Tested by: Andrew Nagy, Rusty Newton
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/12@408855 65c4cc65-6c06-0410-ace0-fbb531ad65f3
