Module: kamailio Branch: master Commit: 09218156f3831ec9642d9ebf20d8668229ab16d6 URL: https://github.com/kamailio/kamailio/commit/09218156f3831ec9642d9ebf20d86682...
Author: Julien Chavanton jchavanton@gmail.com Committer: GitHub noreply@github.com Date: 2021-06-07T08:13:36-07:00
tm: prevent t_suspend memory leak (#2763)
When suspending while already in t_continue when processing a reply / suspending twice in a reply.
Co-authored-by: Julien Chavanton jchavanton@subspace.com
---
Modified: src/modules/tm/t_suspend.c
---
Diff: https://github.com/kamailio/kamailio/commit/09218156f3831ec9642d9ebf20d86682... Patch: https://github.com/kamailio/kamailio/commit/09218156f3831ec9642d9ebf20d86682...
---
diff --git a/src/modules/tm/t_suspend.c b/src/modules/tm/t_suspend.c index 04f906f53c..826307d20a 100644 --- a/src/modules/tm/t_suspend.c +++ b/src/modules/tm/t_suspend.c @@ -118,18 +118,23 @@ int t_suspend(struct sip_msg *msg, LM_ERR("failed find UAC branch\n"); return -1; } - LM_DBG("found a a match with branch id [%d] - " - "cloning reply message to t->uac[branch].reply\n", branch);
- sip_msg_len = 0; - t->uac[branch].reply = sip_msg_cloner( msg, &sip_msg_len ); + if (!t->uac[branch].reply) { + sip_msg_len = 0; + LM_DBG("found a match with branch id [%d] - " + "cloning reply message to t->uac[branch].reply\n", branch); + t->uac[branch].reply = sip_msg_cloner( msg, &sip_msg_len );
- if (! t->uac[branch].reply ) { - LM_ERR("can't alloc' clone memory\n"); - return -1; + if (! t->uac[branch].reply ) { + LM_ERR("can't alloc' clone memory\n"); + return -1; + } + t->uac[branch].end_reply = ((char*)t->uac[branch].reply) + sip_msg_len; + } else { + LM_DBG("found a match with branch id [%d] - " + "message already cloned to t->uac[branch].reply\n", branch); + // This can happen when suspending more than once in a reply. } - t->uac[branch].end_reply = ((char*)t->uac[branch].reply) + sip_msg_len; - LM_DBG("saving transaction data\n"); t->uac[branch].reply->flags = msg->flags; t->flags |= T_ASYNC_SUSPENDED;
-
GitHub