Looks like some memory getting overwritten in app_voicemail.c.
#0 adsi_connect_session (buf=0x492fd43c "\216", fdn=0x280 <Address 0x280 out of
bounds>, ver=1)
at res_adsi.c:458
458 buf[bytes++] = fdn[x];
(gdb) bt
#0 adsi_connect_session (buf=0x492fd43c "\216", fdn=0x280 <Address 0x280 out of
bounds>, ver=1)
at res_adsi.c:458
#1 0x43a1f62b in adsi_load_session (chan=0x48c03560, app=0x280 <Address 0x280 out of
bounds>, ver=1, data=1)
at res_adsi.c:943
#2 0x47a7b078 in vm_execmain (chan=0x48c03560, data=0x492fd43c) at
app_voicemail.c:1755
#3 0x08063b8a in pbx_exec (c=0x48c03560, app=0x80e5050, data=0x492ff26c, newstack=1)
at pbx.c:396
#4 0x0806b141 in pbx_extension_helper (c=0x48c03560, context=0x48c036b8 "internal",
exten=0x81572c0 "`5�H",
priority=2, callerid=0x48c005a8 "\"Howard White\" <101>", action=1134698732) at
pbx.c:1170
#5 0x08065b4c in ast_pbx_run (c=0x43a220ec) at pbx.c:1654
#6 0x46e168a8 in ss_thread (data=0x48c03560) at chan_zap.c:4275
#7 0x40026811 in pthread_start_thread () from /lib/i686/libpthread.so.0
(gdb) bt full
#0 adsi_connect_session (buf=0x492fd43c "\216", fdn=0x280 <Address 0x280 out of
bounds>, ver=1)
at res_adsi.c:458
bytes = 2
x = 0
#1 0x43a1f62b in adsi_load_session (chan=0x48c03560, app=0x280 <Address 0x280 out of
bounds>, ver=1, data=1)
at res_adsi.c:943
dsp = "\216", '\0' <repeats 254 times>
bytes = 1227871292
res = 640
resp = "\0"
#2 0x47a7b078 in vm_execmain (chan=0x48c03560, data=0x492fd43c) at
app_voicemail.c:1755
res = 0
valid = 0
prefix = 0
cmd = 0
u = (struct localuser *) 0xffffffff
prefixstr = '\0' <repeats 79 times>
empty = '\0' <repeats 79 times>
box = 0
useadsi = 0
skipuser = 0
tmp = "[EMAIL PROTECTED]/[EMAIL PROTECTED]/I4>[EMAIL PROTECTED]@[EMAIL
PROTECTED]@\215\0\0\0\034�/[EMAIL PROTECTED]@��\f\b\004�/[EMAIL PROTECTED]@[EMAIL
PROTECTED]@\215\0\0\0P/[EMAIL PROTECTED] [EMAIL PROTECTED]/[EMAIL PROTECTED]/[EMAIL
PROTECTED]@[EMAIL PROTECTED]@\215\0\0\0��\006\b��/[EMAIL PROTECTED]/[EMAIL
PROTECTED]@[EMAIL PROTECTED]@[EMAIL PROTECTED]@��/I [EMAIL PROTECTED]@[EMAIL
PROTECTED]@"...
ext = 0x492fd43c "\216"
fmtc = "gsm|wav", '\0' <repeats 248 times>
password = "P/[EMAIL PROTECTED]/It�/[EMAIL PROTECTED]/I\214�40��/I", '\0'
<repeats 12 times>, "[EMAIL PROTECTED]/[EMAIL PROTECTED]/I��/[EMAIL
PROTECTED]/I\220x\v\b��/I\214�/I"
vms = {curbox = '\0' <repeats 79 times>, username = '\0' <repeats 79 times>,
curdir = '\0' <repeats 255 times>, vmbox = '\0' <repeats 255 times>, fn = '\0'
<repeats 255 times>,
fn2 = '\0' <repeats 255 times>, deleted = {0 <repeats 100 times>}, heard = {0
<repeats 100 times>},
curmsg = 0, lastmsg = 0, newmessages = 0, oldmessages = 0, starting = 0, repeats = 0}
logretries = 0
---Type <return> to continue, or q <return> to quit---
vmu = (struct ast_vm_user *) 0x81572c0
vmus = {
context = '\0' <repeats 12 times>, "[EMAIL PROTECTED]", '\0' <repeats 15 times>,
"P/[EMAIL PROTECTED]/I$�/[EMAIL PROTECTED] [EMAIL PROTECTED]@[EMAIL PROTECTED] [EMAIL
PROTECTED]/I�n\002@",
mailbox = "[EMAIL PROTECTED]/[EMAIL PROTECTED]/I\023^\025@ [EMAIL
PROTECTED]@P/[EMAIL PROTECTED]/[EMAIL PROTECTED]/Il�/Il�/I",
password = "l�/I��/Ik�/[EMAIL PROTECTED]/I", '\0' <repeats 12 times>, "\001\0\0",
fullname = '\0' <repeats 12 times>, "[EMAIL PROTECTED]", '\0' <repeats 11 times>,
"����", '\0' <repeats 12 times>, "[EMAIL PROTECTED] [EMAIL PROTECTED]@[EMAIL
PROTECTED] [EMAIL PROTECTED]/I�n\002@",
email = "[EMAIL PROTECTED]/[EMAIL PROTECTED]/I\023^\025@ [EMAIL PROTECTED]@[EMAIL
PROTECTED]@\002\0\0\0�\027\016\bT�/[EMAIL PROTECTED]/I\202�\a\b",
pager = "�\224\f\b^\036\v\b[\0\0\0\230�/IChannel: Zap/15-1\r\nContext:
internal\r\nExtension: 8\r\nPriority: 2\r",
serveremail = "\nUniqueid:
1073335421.171\r\n\0p�\025\b��\025\b\0\0\0\0\0\0\0\0��/I", '\0' <repeats 12 times>,
"\001", '\0' <repeats 15 times>, "�\235\002@",
zonetag = "\021", '\0' <repeats 11 times>, "����", '\0' <repeats 12 times>, "[EMAIL
PROTECTED] [EMAIL PROTECTED]@[EMAIL PROTECTED] [EMAIL PROTECTED]/[EMAIL
PROTECTED]@P/[EMAIL PROTECTED]/I\023^\025@", attach = 1075919264, alloced = 135550640,
next = 0x4014ccdb}
context = 0x0
#3 0x08063b8a in pbx_exec (c=0x48c03560, app=0x80e5050, data=0x492ff26c, newstack=1)
at pbx.c:396
res = 1134698732
stack = -1
execute = (int (*)(struct ast_channel *, void *)) 0x47a788e0 <vm_execmain>
#4 0x0806b141 in pbx_extension_helper (c=0x48c03560, context=0x48c036b8 "internal",
exten=0x81572c0 "`5�H",
priority=2, callerid=0x48c005a8 "\"Howard White\" <101>", action=1134698732) at
pbx.c:1170
e = (struct ast_exten *) 0x492fd43c
sw = (struct ast_switch *) 0x0
data = 0x0
newstack = 1
res = 640
status = 4
incstack = {0x8157780 "internal", 0xf9a4fbe4 <Address 0xf9a4fbe4 out of
bounds>,
0xf5c4f7c4 <Address 0xf5c4f7c4 out of bounds>, 0xf444f4c4 <Address 0xf444f4c4 out of
bounds>,
---Type <return> to continue, or q <return> to quit---
0xf544f4c4 <Address 0xf544f4c4 out of bounds>, 0xf844f6c4 <Address 0xf844f6c4 out of
bounds>,
0xfcf4faa4 <Address 0xfcf4faa4 out of bounds>, 0x94feec <Address 0x94feec out of
bounds>,
0x26c01cc <Address 0x26c01cc out of bounds>, 0x28c02cc <Address 0x28c02cc out of
bounds>,
0x144020c <Address 0x144020c out of bounds>, 0xff2c0030 <Address 0xff2c0030 out of
bounds>,
0xfdf4fe74 <Address 0xfdf4fe74 out of bounds>, 0xfdb4fd94 <Address 0xfdb4fd94 out of
bounds>,
0xfe54fdb4 <Address 0xfe54fdb4 out of bounds>, 0xffd0ff0c <Address 0xffd0ff0c out of
bounds>,
0x1340094 <Address 0x1340094 out of bounds>, 0x1cc01ac <Address 0x1cc01ac out of
bounds>,
0x1cc01ec <Address 0x1cc01ec out of bounds>, 0x14401ac <Address 0x14401ac out of
bounds>,
0x9400d4 <Address 0x9400d4 out of bounds>, 0x500060 <Address 0x500060 out of
bounds>, 0x492ff42c "101",
0x8073123 "\205�t\032F\017�\024>\204�\210�u�\213E��\0048", 0x80b7982 "( )-.",
0x31 <Address 0x31 out of bounds>, 0x3 <Address 0x3 out of bounds>, 0x80f5998
"1073335421.171",
0x80f56d8 "\"Howard White\" <101>", 0x80f5998 "1073335421.171", 0x492ff484
"��/IL[\006\b`5�H�6�H�7�H\002",
0x80753a1 "\201�\214", 0x80f5998 "1073335421.171", 0x48c04d0c "1073335421.171",
0x1f <Address 0x1f out of bounds>, 0x40212f50 "d�\022", 0x402139a0 "", 0x402139a0
"", 0x492ff444 "",
0x40156a67 "\213E�\203�\\\211E�\213}�\213E�\213Oh\211M�9�\017\204\225", 0x402139a0
"",
0xff1cfd34 <Address 0xff1cfd34 out of bounds>, 0x492ff41d "Howard White", 0x492ff42c
"101",
0x776f4800 <Address 0x776f4800 out of bounds>, 0x20647261 <Address 0x20647261 out of
bounds>,
0x74696857 <Address 0x74696857 out of bounds>, 0x200065 <Address 0x200065 out of
bounds>,
0x313031 <Address 0x313031 out of bounds>, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0,
0x0, 0x0,
0x8075bcc "\213]�\213u�\211�]�\211t$\024�D$\020\200\201\v\b�D$\f�\202\v\b�D$\b\205",
0x80f5958 "\177��?x�\b", 0x0, 0x0, 0x0}
passdata = '\0' <repeats 255 times>
stacklen = 1
tmp =
"\e[1;36;40mVoiceMailMain\e[0;37;40m\0m\0\020\001\0\0\0\0\0\0\020\001\0\0\0\0\0\0TB\021\b\0\0\0\0�:\005\b�}\023\b\024A\021\b
\0\0\0��\002@"
tmp2 = "\e[1;35;40mZap/15-1\e[0;37;40m", '\0' <repeats 20 times>, "[EMAIL
PROTECTED]@��\002@"
tmp3 =
"\e[1;35;40m\e[0;37;40m\0\0�Hl�/I\001\0\0\0�J\021\b\004\0\0\0��/I��/I\0�/I\004�/I\b�/[EMAIL
PROTECTED]/[EMAIL PROTECTED]/[EMAIL PROTECTED]", '\0' <repeats 24 times>, "��/I",
'\0' <repeats 12 times>, "\001", '\0' <repeats 47 times>, "[EMAIL PROTECTED]@[EMAIL
PROTECTED]/I��/[EMAIL PROTECTED]/I��\006\b\\n\f\b�6�Hl�/I\001"...
#5 0x08065b4c in ast_pbx_run (c=0x43a220ec) at pbx.c:1654
digit = 0 '\0'
exten = '\0' <repeats 255 times>
---Type <return> to continue, or q <return> to quit---
pos = 0
waittime = 1227871292
res = 0
#6 0x46e168a8 in ss_thread (data=0x48c03560) at chan_zap.c:4275
p = (struct zt_pvt *) 0x8113ed8
exten = "8", '\0' <repeats 78 times>
exten2 = '\0' <repeats 79 times>
buf = '\0' <repeats 255 times>
cid = '\0' <repeats 255 times>
dtmfbuf = '\0' <repeats 299 times>
cs = (struct callerid_state *) 0x0
name = 0x0
number = 0x0
flags = 0
i = 0
timeout = 0
getforward = 0
len = 1
res = 1227871292
#7 0x40026811 in pthread_start_thread () from /lib/i686/libpthread.so.0
No symbol table info available.
_______________________________________________
Asterisk-Dev mailing list
[EMAIL PROTECTED]
http://lists.digium.com/mailman/listinfo/asterisk-dev
