RuhNetConsulting
/
rtpengine
mirror of https://github.com/sipwise/rtpengine
1
1
Fork 0
Code Issues 0 Projects 0 Releases 822 Wiki Activity
Browse Source

MT#55283 Fix for crash introduced by 6c03a44c 

NFTNL_EXPR_TG_INFO actually expects the info data to be heap allocated
via malloc(), as it will free() it when the expression is freed via
nftnl_expr_free().

No symbol table info available.
No symbol table info available.
No symbol table info available.
No locals.
No locals.
        r = 0x55e087c75130
        err = <optimized out>
        err = <optimized out>
    args=args@entry=0x7ffc80943460) at ./nftables.c:593
        err = <optimized out>
        nl = 0x55e087c4add0
        seq = 1711621092
        err = 0x0
        nl = <optimized out>
        seq = <optimized out>
        err = <optimized out>
No locals.

Log:

rtpengine[269176]: INFO: [crypto] Generating new DTLS certificate
rtpengine[269176]: DEBUG: [crypto] Using EC-prime256v1 key for DTLS certificate
rtpengine[269176]: free(): invalid pointer
rtpengine[269792]: INFO: [crypto] Generating new DTLS certificate
rtpengine[269792]: DEBUG: [crypto] Using EC-prime256v1 key for DTLS certificate
rtpengine[269792]: free(): invalid pointer
rtpengine[270372]: INFO: [crypto] Generating new DTLS certificate
rtpengine[270372]: DEBUG: [crypto] Using EC-prime256v1 key for DTLS certificate
rtpengine[270372]: free(): invalid pointer
rtpengine[2487]: INFO: [crypto] Generating new DTLS certificate
rtpengine[2487]: DEBUG: [crypto] Using EC-prime256v1 key for DTLS certificate
rtpengine[2487]: free(): invalid pointer

Change-Id: Id67a4bb4cd3627d7ea6aed1b9f7d73b80ed676c8
pull/1819/head
Richard Fuchs 2 years ago
parent
6c03a44c84
commit
c6f43b7d2b
1 changed files with 5 additions and 5 deletions
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +5
    -5
      daemon/nftables.c

+ 5
- 5
daemon/nftables.c View File

@ -54,9 +54,6 @@ struct add_rule_callbacks {
const char *base_chain; const char *base_chain;
int table; int table;
bool append; bool append;
// intermediate storage area
struct xt_rtpengine_info rtpe_target_info;
}; };
@ -463,9 +460,12 @@ static const char *rtpe_target_base(struct nftnl_rule *r, struct add_rule_callba
nftnl_expr_set_str(e, NFTNL_EXPR_TG_NAME, "RTPENGINE"); nftnl_expr_set_str(e, NFTNL_EXPR_TG_NAME, "RTPENGINE");
nftnl_expr_set_u32(e, NFTNL_EXPR_TG_REV, 0); nftnl_expr_set_u32(e, NFTNL_EXPR_TG_REV, 0);
callbacks->rtpe_target_info = (struct xt_rtpengine_info) { .id = callbacks->table };
struct xt_rtpengine_info *info = malloc(sizeof(*info));
if (!info)
return "failed to allocate target info for RTPENGINE";
*info = (__typeof__(*info)) { .id = callbacks->table };
nftnl_expr_set(e, NFTNL_EXPR_TG_INFO, &callbacks->rtpe_target_info, sizeof(callbacks->rtpe_target_info));
nftnl_expr_set(e, NFTNL_EXPR_TG_INFO, info, sizeof(*info));
nftnl_rule_add_expr(r, e); nftnl_rule_add_expr(r, e);


Write Preview
Loading…
Cancel
Save