Merged revisions 228420 via svnmerge from

https://origsvn.digium.com/svn/asterisk/trunk

................
  r228420 | dvossel | 2009-11-06 11:09:01 -0600 (Fri, 06 Nov 2009) | 19 lines

  Merged revisions 228418 via svnmerge from
  https://origsvn.digium.com/svn/asterisk/branches/1.4

  ........
    r228418 | dvossel | 2009-11-06 11:07:13 -0600 (Fri, 06 Nov 2009) | 13 lines

    fixes segfault in iLBC

    For reasons not yet known, it appears possible for an ast_frame
    to have a datalen greater than zero while the actual data is NULL
    during Packet Loss Concealment.  Most codecs don't support PLC so
    this doesn't affect them.  This patch catches the malformed frame
    and prevents the crash from occuring.  Additional efforts to determine
    why it is possible for a frame to look like this are still being
    investigated.

    (issue #16979)
  ........
................

git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.6.0@228423 65c4cc65-6c06-0410-ace0-fbb531ad65f3

diff --git a/codecs/codec_ilbc.c b/codecs/codec_ilbc.c
index dcef62dffa6928fcccd51029a2a0444f7ffbbeae..afa6b63f350c690f301636e9c52acc288b1c8bba 100644 (file)
--- a/codecs/codec_ilbc.c
+++ b/codecs/codec_ilbc.c
@@ -117,6 +117,11 @@ static int ilbctolin_framein(struct ast_trans_pvt *pvt, struct ast_frame *f)
        int16_t *dst = (int16_t *)pvt->outbuf;
        float tmpf[ILBC_SAMPLES];
 
+       if (!f->data && f->datalen) {
+               ast_log(LOG_DEBUG, "issue 16070, ILIB ERROR. data = NULL datalen = %d src = %s\n", f->datalen, f->src ? f->src : "no src set");
+               f->datalen = 0;
+       }
+
        if (f->datalen == 0) { /* native PLC, set fake f->datalen and clear plc_mode */
                f->datalen = ILBC_FRAME_LEN;
                f->samples = ILBC_SAMPLES;