[OpenSIPS-Users] async- issues- 2.2.2

Răzvan Crainea razvan at opensips.org
Thu Jan 19 03:30:19 EST 2017


You have my answer inline.

Răzvan Crainea
OpenSIPS Solutions
www.opensips-solutions.com

On 01/18/2017 08:17 PM, Ramachandran, Agalya (Contractor) wrote:
>
> Hi Razvan,
>
> Got your point.I tried to increase the MAX_CONTENT_TYPE_LEN  and 
> tested async call and it is working fine without crash.
>
> But one more question.
>
> The same piece of code am using for *sync REST_API* query too in 
> rest_put() method. There also print_buff is only being used.
>
> It is working absolutely fine in the case of sync  call even  if the 
> MAX_CONTENT_TYPE_LEN – is 64.
>
> Wondering what would be the reason in sync call, it is working and in 
> async it is not?
>
Pure luck. You are doing a buffer overflow, overwriting the data 
section. Probably when doing sync calls, nobody is using the data you 
are overwriting. But if it doesn't crash it doesn't mean it is ok :).
>
> Regards,
>
> Agalya
>
> *From:*Users [mailto:users-bounces at lists.opensips.org] *On Behalf Of 
> *Razvan Crainea
> *Sent:* Wednesday, January 18, 2017 4:29 AM
> *To:* users at lists.opensips.org
> *Subject:* Re: [OpenSIPS-Users] async- issues- 2.2.2
>
> Hi, Ramachandran!
>
> The print_buff buffer is declared with length MAX_CONTENT_TYPE_LEN -> 
> 64. Writing more than 64 bytes will lead to a buffer overflow, 
> probably followed by a crash.
> If you want to suppor longer CallIDs, just increase the size of the 
> buffer, or allocate the buffer with a size large enought to fit your 
> callid length.
>
> Best regards,
>
> Răzvan Crainea
> OpenSIPS Solutions
> www.opensips-solutions.com <http://www.opensips-solutions.com>
>
> On 01/17/2017 11:13 PM, Ramachandran, Agalya (Contractor) wrote:
>
>     Hi Liviu,
>
>     Found the exact issue what causes the crash.
>
>     In start_async_http_req, under case PUT/POST, we have the
>     following code blue color by default.
>
>     But for my project scenario, I need to add call-id header too
>     here, including that code in red color for your reference.
>
>     if (req_ctype) {
>
>     sprintf(print_buff, "Content-Type: %s", req_ctype);
>
>     header_list = curl_slist_append(header_list, print_buff);
>
>     sprintf(print_buff, "Call-Id: %s", instanceId);
>
>     header_list = curl_slist_append(header_list, print_buff);
>
>     w_curl_easy_setopt(handle, CURLOPT_HTTPHEADER, header_list);
>
>        }
>
>     If I try by removing the Call-Id header in the curl-slist, then it
>     works perfectly fine in case of POST as well as PUT.
>
>     How can I overcome this situation? Your guidance would help me a lot.
>
>     Regards,
>     Agalya
>
>     *From:* Users [mailto:users-bounces at lists.opensips.org] *On Behalf
>     Of *Ramachandran, Agalya (Contractor)
>     *Sent:* Tuesday, January 17, 2017 3:58 PM
>     *To:* OpenSIPS users mailling list <users at lists.opensips.org>
>     <mailto:users at lists.opensips.org>; Liviu Chircu
>     <liviu at opensips.org> <mailto:liviu at opensips.org>
>     *Subject:* Re: [OpenSIPS-Users] async- issues- 2.2.2
>
>     Hi,
>
>     Another information may help you to find this issue.
>
>     Am changing the “req_body” in the rest_methods.c, as per the REST
>     API server is expecting the payload value.
>
>     If I change this “req_body” in *REST_POST* as well, and if the
>     *Call-Id length is > 56*, it crashes in *the POST call too*.
>
>     Regards,
>     Agalya
>
>     *From:* Users [mailto:users-bounces at lists.opensips.org] *On Behalf
>     Of *Ramachandran, Agalya (Contractor)
>     *Sent:* Tuesday, January 17, 2017 3:03 PM
>     *To:* OpenSIPS users mailling list <users at lists.opensips.org
>     <mailto:users at lists.opensips.org>>; Liviu Chircu
>     <liviu at opensips.org <mailto:liviu at opensips.org>>
>     *Subject:* [OpenSIPS-Users] async- issues- 2.2.2
>
>     Hi Liviu/team,
>
>     When I try to do an asynchronous REST_PUT call in OpenSIPS 2.2.2,
>     I see the below observance and issues.
>
>     All the calls are made from sipp client.
>
>     *No*
>
>     	
>
>     *Test Scenario *
>
>     	
>
>     *Result/observation*
>
>     1.
>
>     	
>
>     Call-Id length < 50
>
>     	
>
>     Works perfectly fine
>
>     2
>
>     	
>
>     Call-Id length  >54 and < 56
>
>     	
>
>     No crash observed. But error in curl_multiperform
>
>     3.
>
>     	
>
>     Call-Id length  > 56
>
>     	
>
>     Opensips crashes at liburl.
>
>     Please find the details for test 2 and test 3.
>
>     I have tested with REST_POST with case 3, I didn’t observe any
>     crashes.
>
>     Please let me know what could cause this issue and how can I fix this?
>
>     *Test2:*
>
>     **
>
>     Jan 17 18:23:13 /usr/local/sbin/opensips[18554]:
>     ERROR:rest_client:start_async_http_req: curl_multi_perform:
>     Invalid multi handle
>
>     Jan 17 18:23:13  /usr/local/sbin/opensips[18554]:
>     ERROR:rest_client:start_async_http_req: curl_multi_remove_handle:
>     Invalid multi handle
>
>     *Test 3:*
>
>     (gdb) bt
>
>     #0 0x00007f370bccb9bb in curl_multi_add_handle () from
>     /lib64/libcurl.so.4
>
>     #1 0x00007f370bf05521 in start_async_http_req
>     (msg=msg at entry=0x7f374db14270, method=method at entry=REST_CLIENT_PUT,
>
>     url=0x7f374dad8178 "http://url", req_body=<optimized out>,
>
>     req_ctype=<optimized out>,
>     out_handle=out_handle at entry=0x7f374db204e0,
>     body=body at entry=0x7f374db204e8, ctype=0x7f374db204f8)
>
>         at rest_methods.c:227
>
>     #2 0x00007f370bf0e2ca in w_async_rest_put (msg=0x7f374db14270,
>     resume_f=0x7ffc6f551680, resume_param=0x7ffc6f551690,
>
>     gp_url=<optimized out>, gp_body=<optimized out>,
>     gp_ctype=<optimized out>, body_pv=0x7f374daf5510 "N",
>
>     ctype_pv=0x7f374daf55a8 "N", code_pv=0x7f374daf5670 "N") at
>     rest_client.c:579
>
>     #3 0x00007f370d24920f in t_handle_async (msg=0x7f374db14270,
>     a=0x7f374dad8508, resume_route=<optimized out>) at async.c:240
>
>     #4 0x000000000042d724 in do_action (a=a at entry=0x7f374dad8680,
>     msg=msg at entry=0x7f374db14270) at action.c:1863
>
>     #5 0x00000000004341cc in run_action_list (a=<optimized out>,
>     msg=0x7f374db14270) at action.c:172
>
>     #6 0x0000000000430769 in do_action (a=a at entry=0x7f374dad8760,
>     msg=msg at entry=0x7f374db14270) at action.c:1108
>
>     #7 0x000000000043454d in run_action_list (msg=<optimized out>,
>     a=<optimized out>) at action.c:172
>
>     #8  run_actions (a=<optimized out>, msg=0x7f374db14270) at
>     action.c:137
>
>     #9 0x000000000042f8d7 in do_action (a=a at entry=0x7f374dad6b58,
>     msg=msg at entry=0x7f374db14270) at action.c:745
>
>     #10 0x0000000000434393 in run_action_list (msg=<optimized out>,
>     a=<optimized out>) at action.c:172
>
>     #11 run_actions (msg=0x7f374db14270, a=<optimized out>) at
>     action.c:137
>
>     #12 run_top_route (a=<optimized out>,
>     msg=msg at entry=0x7f374db14270) at action.c:204
>
>     #13 0x000000000043bcba in receive_msg (
>
>     buf=0x858c20 <buf.8277> "INVITE sip:+19084904567 at 10.10.10.05060
>     SIP/2.0\r\nTo:
>     <sip:+19084904567 at test.comcast.net;user=phone>\r\nFrom: \"test
>     PA\"<sip:+16507083454 at 10.0.0.1:32004;user=phone;isup-oli=00>;"...,
>     len=<optimized out>,
>
>     rcv_info=rcv_info at entry=0x7ffc6f552c70,
>     existing_context=existing_context at entry=0x0) at receive.c:208
>
>     #14 0x00000000005b0b03 in udp_read_req (si=<optimized out>,
>     bytes_read=<optimized out>) at net/proto_udp/proto_udp.c:192
>
>     #15 0x000000000059b960 in handle_io (idx=<optimized out>,
>     event_type=<optimized out>, fm=<optimized out>) at net/net_udp.c:259
>
>     #16 io_wait_loop_epoll (h=<optimized out>, t=<optimized out>,
>     repeat=<optimized out>) at net/../io_wait_loop.h:225
>
>     #17 udp_rcv_loop (si=si at entry=0x7f374dacb6c8) at net/net_udp.c:308
>
>     #18 0x000000000059ce88 in udp_start_processes
>     (chd_rank=chd_rank at entry=0x845830 <chd_rank.11028>,
>     startup_done=startup_done at entry=0x0)
>
>         at net/net_udp.c:372
>
>     #19 0x0000000000419f50 in main_loop () at main.c:671
>
>     #20 main (argc=<optimized out>, argv=<optimized out>) at main.c:1261
>
>     Regards,
>     Agalya
>
>
>
>
>     _______________________________________________
>
>     Users mailing list
>
>     Users at lists.opensips.org <mailto:Users at lists.opensips.org>
>
>     http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>
>
>
> _______________________________________________
> Users mailing list
> Users at lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensips.org/pipermail/users/attachments/20170119/e4bbe68d/attachment-0001.html>


More information about the Users mailing list