Bug#725925: Can I get my $500 now, please? ;-)

2014-05-27 Thread Jeremy Lainé 
Hi Thorsten,

Thanks for the patch. I am not entirely convinced it is correct though, as it 
does change
what gets gets passed into realtime_ldap_base_ap (two arguments have been 
already been
consumed). An alternative patch was suggested in the upstream issue which 
instead makes a
copy of the variadic list:

https://issues.asterisk.org/jira/browse/ASTERISK-19941

Jeremy


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#725925: Can I get my $500 now, please? ;-)

2014-05-27 Thread Thorsten Glaser 
Jeremy Lainé dixit:

Thanks for the patch. I am not entirely convinced it is correct
though, as it does change what gets gets passed into
realtime_ldap_base_ap (two arguments have been already been consumed).

Right, I had been wondering about that, too.
The other modules’ functions do not consume them at all,
they rather dereference the result of the consumer function.

An alternative patch was suggested in the upstream issue which instead
makes a copy of the variadic list:

That is probably a sound fix, yes.

https://issues.asterisk.org/jira/browse/ASTERISK-19941

I cannot access that, unfortunately:

│Looking up issues.asterisk.org
│Making HTTPS connection to issues.asterisk.org
│SSL callback:ok, preverify_ok=1, ssl_okay=0
│SSL callback:ok, preverify_ok=1, ssl_okay=0
│SSL callback:ok, preverify_ok=1, ssl_okay=0
│Verified connection to issues.asterisk.org (cert=*.asterisk.org)
│Certificate issued by: /C=US/O=GeoTrust, Inc./CN=RapidSSL CA
│Secure 256-bit TLSv1/SSLv3 (DHE-RSA-AES256-SHA) HTTP connection
│Sending HTTP request.
│HTTP request sent; waiting for response.
│Alert!: Unexpected network read error; connection aborted.
│Can't Access `https://issues.asterisk.org/jira/browse/ASTERISK-19941'
│Alert!: Unable to access document.

But judging from your description of the patch, I’d say,
go for it. Nik can probably test a fix on his server.

(A bit unfortunate for all of us, a new major version
was uploaded to sid at the time we finally got around
to debug this. I have no idea how to best handle this
(also since I don’t use Asterisk myself).)

bye,
//mirabilos
-- 
“ah that reminds me, thanks for the stellar entertainment that you and certain
other people provide on the Debian mailing lists │ sole reason I subscribed to
them (I'm not using Debian anywhere) is the entertainment factor │ Debian does
not strike me as a place for good humour, much less German admin-style humour”


--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#725925: Can I get my $500 now, please? ;-)

2014-05-22 Thread Thorsten Glaser 
tags 725925 + patch
thanks

Hi Asterisk maintainers,

Nik managed to persuade me to debug this. The crash appears, in first
tests, to have gone away. I don’t use Asterisk myself but was asked to
steer the debdiff here, for your perusal. Please also forward this
upstream – and tell them, just in case, that my eMail address does
accept PayPal incoming money transfers ☺

bye,
//mirabilos
-- 
ah, that reminds me, thanks for the stellar entertainment that you and certain
other people provide on the Debian mailing lists │ sole reason I subscribed to
them (I'm not using Debian anywhere) is the entertainment factor │ Debian does
not strike me as a place for good humour, much less German admin-style humourdiff -Nru asterisk-11.8.1~dfsg/debian/changelog 
asterisk-11.8.1~dfsg/debian/changelog
--- asterisk-11.8.1~dfsg/debian/changelog   2014-03-11 07:45:58.0 
+0100
+++ asterisk-11.8.1~dfsg/debian/changelog   2014-05-22 23:48:51.0 
+0200
@@ -1,3 +1,10 @@
+asterisk (1:11.8.1~dfsg-1.1) UNRELEASED; urgency=medium
+
+  * Non-maintainer upload.
+  * Fix segfault for Nik (Closes: #725925)
+
+ -- Thorsten Glaser t...@mirbsd.de  Thu, 22 May 2014 23:48:42 +0200
+
 asterisk (1:11.8.1~dfsg-1) unstable; urgency=high
 
   * New upstream security release (Closes: #741313).
diff -Nru asterisk-11.8.1~dfsg/debian/patches/fix-ldap-segfault 
asterisk-11.8.1~dfsg/debian/patches/fix-ldap-segfault
--- asterisk-11.8.1~dfsg/debian/patches/fix-ldap-segfault   1970-01-01 
01:00:00.0 +0100
+++ asterisk-11.8.1~dfsg/debian/patches/fix-ldap-segfault   2014-05-22 
23:50:39.0 +0200
@@ -0,0 +1,35 @@
+Description: Fix a segfault in the LDAP config module
+ realtime_ldap_base_ap() consumes all argument pairs
+ including the sentinel, whereas “newparam” must be
+ the first one to be consumed. Shuffle order of calls.
+ .
+ This problem was introduced in the fix for:
+ https://issues.asterisk.org/view.php?id=13573
+Forwarded: no
+Author: Thorsten Glaser t...@mirbsd.org
+Last-Update: 2014-05-22
+Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725925
+Bug-Upstream: https://issues.asterisk.org/jira/browse/ASTERISK-19941
+
+Index: asterisk-11.8.1~dfsg/res/res_config_ldap.c
+===
+--- asterisk-11.8.1~dfsg.orig/res/res_config_ldap.c
 asterisk-11.8.1~dfsg/res/res_config_ldap.c
+@@ -963,8 +963,7 @@ static struct ast_config *realtime_multi
+   char *op;
+   const char *initfield = NULL;
+   const char *newparam, *newval;
+-  struct ast_variable **vars =
+-  realtime_ldap_base_ap(NULL, basedn, table_name, ap);
++  struct ast_variable **vars;
+   struct ast_config *cfg = NULL;
+ 
+   newparam = va_arg(ap, const char *);
+@@ -977,6 +976,7 @@ static struct ast_config *realtime_multi
+   if ((op = strchr(initfield, ' '))) {
+   *op = '\0';
+   }
++  vars = realtime_ldap_base_ap(NULL, basedn, table_name, ap);
+ 
+   if (vars) {
+   cfg = ast_config_new();
diff -Nru asterisk-11.8.1~dfsg/debian/patches/series 
asterisk-11.8.1~dfsg/debian/patches/series
--- asterisk-11.8.1~dfsg/debian/patches/series  2014-03-04 11:31:38.0 
+0100
+++ asterisk-11.8.1~dfsg/debian/patches/series  2014-05-22 23:47:13.0 
+0200
@@ -33,3 +33,4 @@
 ignore_failed_channels.patch
 smsq_enable.patch
 ASTERISK-23310.patch
+fix-ldap-segfault