[OpenSIPS-Users] opensips 3.2.2 Segfault on debian 11 bullseye
Maxim Sobolev
sobomax at sippysoft.com
Mon Sep 27 17:52:15 EST 2021
Hi Rob / Liviu,
I browsed quickly through the code and I think the following clause may be
a culprit:
if (calc_ha1) {
/* Only plaintext passwords are stored in database,
* we have to calculate HA1 */
cprms.creds.open = &(const struct digest_auth_credential){
.realm = *_domain, .user = _username->whole, .passwd =
result};
cprms.use_hashed = 0;
}
Compiler might deallocate / overwrite struct digest_auth_credential after
exiting that block causing subsequent call to auth_api.calc_HA1() to access
bogus pointer.
Rob, can you try applying the following commit and recompile/reinstall the
module in question and see if it helps?
https://github.com/sippy/opensips/commit/fea6a1d60d70f64971dff3ec2dc83f7ddc00389d
Thanks!
-Max
On Mon, Sep 27, 2021 at 12:48 AM Liviu Chircu <liviu at opensips.org> wrote:
> On 27.09.2021 03:56, Rob Dyck wrote:
> > I am seeing the same. opensips-3.2.2 compiled from git source on Fedora.
>
> Thank you for the help, gents! Let's see if I can reproduce it...
> should be fairly straightforward.
>
> Best,
>
> --
> Liviu Chircu
> www.twitter.com/liviuchircu | www.opensips-solutions.com
>
>
> _______________________________________________
> Users mailing list
> Users at lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensips.org/pipermail/users/attachments/20210927/16c90375/attachment.html>
More information about the Users
mailing list