link_contact_to_impu() does not behave as intended - it will return immediately because ptr==contact. This will lead to a crash when the current contact is always different from the previous one. To prevent this, I set ptr to 0, as it points to a chunk of freed memory anyway. Removed the call to unlink_contact_from_impu() as I believe it is redundant and it leads to a double free. This is a usual scenario and it happens with devices that reconnect on TCP: they change the src port every time, and then the contact will be different.
You can view, comment on, or merge this pull request online at:
https://github.com/kamailio/kamailio/pull/512
-- Commit Summary --
* ims_usrloc_scscf: fix link_contact_to_impu() (was crashing when maxcontact_behaviour == 2)
-- File Changes --
M modules/ims_usrloc_scscf/impurecord.c (4)
-- Patch Links --
https://github.com/kamailio/kamailio/pull/512.patch
https://github.com/kamailio/kamailio/pull/512.diff