From fc7455fa4438db7b16a667d706e405196d5eb452 Mon Sep 17 00:00:00 2001 From: Mark Michelson Date: Tue, 27 Jan 2009 20:11:30 +0000 Subject: Merged revisions 171621 via svnmerge from https://origsvn.digium.com/svn/asterisk/branches/1.4 ........ r171621 | mmichelson | 2009-01-27 14:06:01 -0600 (Tue, 27 Jan 2009) | 18 lines Prevent a crash from occurring when a jitter buffer interpolated frame is removed from a slinfactory slinfactory used the "samples" field of an ast_frame in order to determine the amount of data contained within the frame. In certain cases, such as jitter buffer interpolated frames, the frame would have a non-zero value for "samples" but have NULL "data" This caused a problem when a memcpy call in ast_slinfactory_read would attempt to access invalid memory. The solution in use here is to never feed frames into the slinfactory if they have NULL "data" (closes issue #13116) Reported by: aragon Patches: 13116.diff uploaded by putnopvut (license 60) ........ git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@171622 65c4cc65-6c06-0410-ace0-fbb531ad65f3 --- main/slinfactory.c | 10 ++++++++++ 1 file changed, 10 insertions(+) (limited to 'main/slinfactory.c') diff --git a/main/slinfactory.c b/main/slinfactory.c index 0e3a39b22..2e6e47193 100644 --- a/main/slinfactory.c +++ b/main/slinfactory.c @@ -82,6 +82,16 @@ int ast_slinfactory_feed(struct ast_slinfactory *sf, struct ast_frame *f) struct ast_frame *begin_frame = f, *duped_frame = NULL, *frame_ptr; unsigned int x; + /* In some cases, we can be passed a frame which has no data in it, but + * which has a positive number of samples defined. Once such situation is + * when a jitter buffer is in use and the jitter buffer interpolates a frame. + * The frame it produces has data set to NULL, datalen set to 0, and samples + * set to either 160 or 240. + */ + if (!f->data.ptr) { + return 0; + } + if (f->subclass != AST_FORMAT_SLINEAR && f->subclass != AST_FORMAT_SLINEAR16) { if (sf->trans && f->subclass != sf->format) { ast_translator_free_path(sf->trans); -- cgit v1.2.3