[Bug 522699] [NEW] asterisk 1.6 crash at incoming isdn call on 64 bit system
ralf
palf4711 at gmx.net
Tue Feb 16 15:33:34 UTC 2010
Public bug reported:
Binary package hint: libcapi20-3
Release: 9.10
Compiler: gcc 4.4.1 (Ubuntu 4.4.1-4ubuntu9)
libcapi20-3:
Installiert: 1:3.12.20071127-0ubuntu6
Kandidat: 1:3.12.20071127-0ubuntu6
Asterisk crashes due to problem in libcapi20-3
crash in capi20.c
=> unsigned capi20_put_message (unsigned ApplID, unsigned char *Msg) ...
=> ... memcpy(sndbuf+len, dataptr, datalen);
reason:
dataptr is currupt
resolution:
file: capiutils.h
modify
#define CAPIMSG_U64(m, off) (((_cqword)CAPIMSG_U32(m, off)) |(((_cqword)CAPIMSG_U32(m, off+4))<<32))
to
#define CAPIMSG_U64(m, off) ((((_cqword)CAPIMSG_U32(m, off)) & 0xffffffff) |(((_cqword)CAPIMSG_U32(m, off+4))<<32))
I am not sure why, but the compiler seems to handle signed values
instead of unsigned values as expected. It fills up the upper half of
the result value (unsigned long long) with 0xff if the highest bit of
the lower long value is set. This results in an invalid address. The and
operation (& 0xffffffff) prevents these unwanted invalid bits.
** Affects: isdnutils (Ubuntu)
Importance: Undecided
Status: New
--
asterisk 1.6 crash at incoming isdn call on 64 bit system
https://bugs.launchpad.net/bugs/522699
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bugs at lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
More information about the universe-bugs
mailing list