Re: pjsua turn crash


Hi Hakan,

Thanks for the report. We fixed it in ticket #2125
(https://trac.pjsip.org/repos/ticket/2125).

Best regards,
Ming

On Fri, Jun 29, 2018 at 10:10 AM, Håkan Berg <hakan.berg@xxxxxxxx> wrote:
> Hello pjsip developers,
>
> Any update on this? Did you create a trac ticket for this issue?
>
> Br,
>
> /Håkan
>
> From: Håkan Berg
> Sent: den 8 juni 2018 13:02
> To: 'pjsip@xxxxxxxxxxxxxxx' <pjsip@xxxxxxxxxxxxxxx>
> Subject: pjsua turn crash
>
> Hello,
>
> I believe I’ve found a null pointer dereference in pjsua, when terminating a
> call while trying to connect to a turn server that does not respond.
>
> To reproduce:
>
> Compile pjsip for linux x86_64 (./configure && make && cd pjsip-apps/bin)
>
> Start pjsua with turn enabled, using a bogus ip to represent a turn server
> that does not currently respond, and call any ip:
>
> gdb --args ./pjsua-x86_64-unknown-linux-gnu --use-ice --use-turn --turn-srv 8.8.8.8:12345 --turn-user na --turn-passwd na --playback-dev=1 --capture-dev=1 --id sip:localhost --app-log-level=6 --no-cli-console --duration=10
>
> press m, enter sip:4.4.4.4
>
> press h
>
> ...
>
> Program received signal SIGSEGV, Segmentation fault.
> 0x0000000000429047 in pjsua_call_hangup (call_id=2, code=0, reason=0x0,
>     msg_data=0x0) at ../src/pjsua-lib/pjsua_call.c:2370
> 2370                                                 if (call->inv->role == PJSIP_ROLE_UAS)
> (gdb) bt
> #0  0x0000000000429047 in pjsua_call_hangup (call_id=2, code=0, reason=0x0,
>     msg_data=0x0) at ../src/pjsua-lib/pjsua_call.c:2370
> #1  0x0000000000418115 in ui_hangup_call (menuin=0x7fffffffdf00 "h\n")
>     at ../src/pjsua/pjsua_app_legacy.c:831
> #2  0x0000000000419f5d in legacy_main ()
>     at ../src/pjsua/pjsua_app_legacy.c:1765
> #3  0x0000000000409fa8 in pjsua_app_run (wait_telnet_cli=1)
>     at ../src/pjsua/pjsua_app.c:1945
> #4  0x00000000004064a6 in main_func (argc=16, argv=0x7fffffffe168)
>     at ../src/pjsua/main.c:110
> #5  0x00000000005c2998 in pj_run_app (main_func=0x406429 <main_func>, argc=16,
>     argv=0x7fffffffe168, flags=0) at ../src/pj/os_core_unix.c:1952
> #6  0x000000000040651c in main (argc=16, argv=0x7fffffffe168)
>     at ../src/pjsua/main.c:129
> (gdb) p call->inv
> $1 = (pjsip_inv_session *) 0x0
>
> Checking call->inv for NULL on pjsua_call.c:2370 seems to prevent the crash,
> but I’m not sure this is the correct fix.
>
> Br,
>
> /Håkan

_______________________________________________
Visit our blog: http://blog.pjsip.org

pjsip mailing list
pjsip@xxxxxxxxxxxxxxx
http://lists.pjsip.org/mailman/listinfo/pjsip_lists.pjsip.org
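
Added example, not part of the original thread and not pjsip code: a minimal C model of the state the backtrace shows, where a call slot exists but its invite session pointer is still NULL while media transport setup (here, the TURN allocation) is pending. All type and function names are hypothetical, and deferring the hangup to the setup callback is an assumption about one way to handle that state, not a description of the change made in ticket #2125.

```c
#include <stddef.h>
#include <stdbool.h>

/* Hypothetical model types; these are not pjsip structures. */
struct inv_session { bool terminated; };

struct call {
    struct inv_session *inv; /* NULL until async media setup completes */
    bool media_pending;      /* transport creation (e.g. TURN) in flight */
    bool hangup_requested;   /* user hung up before the session existed */
};

enum hangup_result { HANGUP_SENT, HANGUP_DEFERRED, HANGUP_NO_CALL };

/* Hangup that never dereferences call->inv while it is NULL. */
enum hangup_result call_hangup(struct call *c)
{
    if (c == NULL)
        return HANGUP_NO_CALL;
    if (c->inv == NULL) {
        if (!c->media_pending)
            return HANGUP_NO_CALL;   /* idle slot, nothing to end */
        c->hangup_requested = true;  /* finish in on_media_ready() */
        return HANGUP_DEFERRED;
    }
    c->inv->terminated = true;       /* session exists: end it now */
    return HANGUP_SENT;
}

/* Completion callback for media setup. Returns true if the call goes on. */
bool on_media_ready(struct call *c, struct inv_session *inv, bool ok)
{
    c->media_pending = false;
    if (!ok || c->hangup_requested) {
        /* Setup failed or the user already hung up: drop the call
         * instead of attaching a session nobody wants. */
        c->hangup_requested = false;
        c->inv = NULL;
        return false;
    }
    c->inv = inv;
    return true;
}
```

A bare NULL check that simply returns would stop the crash but could leave the call to proceed once setup finishes; the `hangup_requested` flag is what carries the user's intent across the asynchronous gap.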



