Hi all,
we had problems with some callback-functions. The problem is isolated to
the unref_new_dialog function in dlg_handlers.c
If the whole tmcb_params structure is not initialized, we run into
segfaults in a later usage.
here a patch for this problem ("inspired" by openSIPS code)
@@ -417,7 +420,7 @@
void unref_new_dialog(void *dialog)
{
struct tmcb_params p;
-
+ memset(&p, 0, sizeof(struct tmcb_params));
p.param = (void*)&dialog;
dlg_onreply(0, TMCB_TRANS_DELETED, &p);
}
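Review bot: The added `memset` in `unref_new_dialog` fixes the uninitialized read, but it leaves every field except `param` at zero, so `dlg_onreply` and any callbacks it runs for `TMCB_TRANS_DELETED` will now see null request/reply pointers and a zero code. That is safe only if that path never dereferences them; `dlg_onreply`'s body is not fully visible here, so this should be confirmed. The `FAKED_REPLY` guard added elsewhere in this patch does not cover a null `rpl`. As a style point, `memset(&p, 0, sizeof(p));` ties the size to the object rather than the type, and a short comment such as `/* zero all fields: only param is meaningful for TMCB_TRANS_DELETED */` would record the intent. The same hunk is repeated at the end of the full patch below and this note applies there too.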
Below is the whole patch for the dlg_handlers.c file; the second change
is an extra check for FAKED_REPLY in the dlg_onreply function.
I hope this is useful.
best regards
Torben Friese
Index: modules/dialog/dlg_handlers.c
===================================================================
--- modules/dialog/dlg_handlers.c (revision 5983)
+++ modules/dialog/dlg_handlers.c (working copy)
@@ -280,24 +280,27 @@
if (new_state==DLG_STATE_CONFIRMED_NA &&
old_state!=DLG_STATE_CONFIRMED_NA && old_state!=DLG_STATE_CONFIRMED )
{
LM_DBG("dialog %p confirmed\n",dlg);
-
- /* get to tag*/
- if ( !rpl->to && ((parse_headers(rpl, HDR_TO_F,0)<0) || !rpl->to) ) {
- LM_ERR("bad reply or missing TO hdr :-/\n");
- tag.s = 0;
- tag.len = 0;
- } else {
- tag = get_to(rpl)->tag_value;
- if (tag.s==0 || tag.len==0) {
- LM_ERR("missing TAG param in TO hdr :-/\n");
+ if (rpl != FAKED_REPLY) {
+ /* get to tag*/
+ if ( !rpl->to && ((parse_headers(rpl, HDR_TO_F,0)<0) || !rpl->to) )
{
+ LM_ERR("bad reply or missing TO hdr :-/\n");
tag.s = 0;
tag.len = 0;
+ } else {
+ tag = get_to(rpl)->tag_value;
+ if (tag.s==0 || tag.len==0) {
+ LM_ERR("missing TAG param in TO hdr :-/\n");
+ tag.s = 0;
+ tag.len = 0;
+ }
}
- }
- /* save callee's tag, cseq, contact and record route*/
- if (populate_leg_info( dlg, rpl, t, DLG_CALLEE_LEG, &tag) !=0) {
- LM_ERR("could not add further info to the dialog\n");
+ /* save callee's tag, cseq, contact and record route*/
+ if (populate_leg_info( dlg, rpl, t, DLG_CALLEE_LEG, &tag) !=0) {
+ LM_ERR("could not add further info to the dialog\n");
+ }
+ } else {
+ LM_ERR("Faked reply!\n");
}
/* set start time */
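Review bot: In the new `else` branch for `rpl == FAKED_REPLY`, the dialog still falls through to the `/* set start time */` step as confirmed, although no callee leg info was stored and `tag` is never assigned on that path. If `tag` is read later in the function (not visible in this hunk) it would be uninitialized there; adding `tag.s = 0; tag.len = 0;` to the else branch keeps it defined. It is also worth checking whether a dialog should reach the confirmed state at all without callee tag, cseq and contact, since later in-dialog handling presumably relies on them. The log line gives no context; something like `LM_ERR("faked reply for dialog %p, callee leg info not saved\n", dlg);` would be easier to act on. The enclosing function starts and ends outside the hunk.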
@@ -417,7 +420,7 @@
void unref_new_dialog(void *dialog)
{
struct tmcb_params p;
-
+ memset(&p, 0, sizeof(struct tmcb_params));
p.param = (void*)&dialog;
dlg_onreply(0, TMCB_TRANS_DELETED, &p);
}