[OpenSER-Devel] pkg_malloc and pkg_free

Daniel Corbe daniel.junkmail at gmail.com
Mon Dec 10 17:59:20 UTC 2007


So then there's a memory leak in my module and in the UAC module as well.
Consider the following scenario:

I'm using lumps to change the To: header in a SIP message to interop with a
broken (non RFC-compliant) SIP-enabled voicemail system.

I took my example from the UAC module, because the UAC module has a function
which swaps out the From: header with something else.

Consider this code snippet:

static int replace_to_uri(struct sip_msg *msg, str *uri)
{
    struct to_body *to;
    struct lump *l;
    char *p;

    to = (struct to_body *)msg->to->parsed;

    /* delete the old To: URI from the message buffer */
    if ((l = del_lump(msg, to->uri.s - msg->buf, to->uri.len, 0)) == 0)
    {
        LOG(L_ERR, "Delete lump failed\n");
        return(0);
    }

    /* copy the new URI into pkg memory */
    p = pkg_malloc(uri->len);
    if (p == 0)
    {
        /* nothing to free here: the allocation failed and p is NULL */
        LOG(L_ERR, "Out of memory!\n");
        return(0);
    }
    memcpy(p, uri->s, uri->len);

    /* attach the new URI after the deleted span */
    if (insert_new_lump_after(l, p, uri->len, 0) == 0)
    {
        LOG(L_ERR, "Insert new lump failed\n");
        pkg_free(p);
        return(0);
    }

    //pkg_free(p);
    return(1);
}

If I call pkg_free at the end of the function, the heap memory which stores
my new to: URI is no longer valid memory and is not guaranteed to continue
to hold the string which I'm trying to pass -- and in fact on my FreeBSD
machine it never does.

I have to NOT call pkg_free in order for there not to be garbage in my To:

The UAC module suffers from the same problem.  Take a look at
modules/uac/from.c, replace from function:

    /* build del/add lumps */
    if ((l=del_lump( msg, from->uri.s-msg->buf, from->uri.len, 0))==0)
    {
        LOG(L_ERR,"ERROR:uac:replace_from: del lump failed\n");
        goto error;
    }
    p = pkg_malloc( from_uri->len);
    if (p==0)
    {
        LOG(L_ERR,"ERROR:uac:replace_from: no more pkg mem\n");
        goto error;
    }
    memcpy( p, from_uri->s, from_uri->len);
    if (insert_new_lump_after( l, p, from_uri->len, 0)==0)
    {
        LOG(L_ERR,"ERROR:uac:replace_from: insert new lump failed\n");
        pkg_free(p);
        goto error;
    }

    if (from_restore_mode==FROM_NO_RESTORE)
        return 0;


As you can see we only call pkg_free if an error occurs.  Won't this leak?


-Daniel

On Dec 10, 2007 4:24 AM, Bogdan-Andrei Iancu <bogdan at voice-system.ro> wrote:

> Hi Daniel,
>
> if you allocate memory, you need to explicitly free it - there is no
> garbage collector like system in openser.
>
> regards,
> bogdan
>
> Daniel Corbe wrote:
> > I have a question,
> >
> > If I call pkg_malloc(), and don't call pkg_free, does OpenSER know to
> > free() the memory later?  And if so, when does the message get free'd
> > exactly?
> >
> > -Daniel
> >
> > ------------------------------------------------------------------------
> >
> > _______________________________________________
> > Devel mailing list
> > Devel at lists.openser.org
> > http://lists.openser.org/cgi-bin/mailman/listinfo/devel
> >
>
>
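
Added example, not part of the original message and not OpenSER code: a toy model of the ownership pattern both snippets above follow, with a counting allocator so the leak question can be checked. It assumes the lump list stores the caller's pointer without copying it and releases that buffer when the message's lumps are torn down; every toy_* name is hypothetical.

```c
#include <stdlib.h>
#include <string.h>

/* Counting allocator standing in for pkg_malloc/pkg_free (assumption). */
static int live_blocks = 0;
static void *toy_malloc(size_t n) { void *p = malloc(n); if (p) live_blocks++; return p; }
static void toy_free(void *p) { if (p) { live_blocks--; free(p); } }

/* Hypothetical lump: keeps the caller's pointer, does not copy the bytes. */
struct toy_lump { char *value; size_t len; struct toy_lump *next; };
struct toy_msg  { struct toy_lump *lumps; };

/* On success the list owns `value`; on failure the caller still owns it. */
static struct toy_lump *toy_insert_lump(struct toy_msg *m, char *value, size_t len) {
    struct toy_lump *l = toy_malloc(sizeof *l);
    if (!l) return NULL;
    l->value = value; l->len = len; l->next = m->lumps;
    m->lumps = l;
    return l;
}

/* Message teardown: release every lump and the buffer it owns. */
static void toy_free_msg_lumps(struct toy_msg *m) {
    while (m->lumps) {
        struct toy_lump *next = m->lumps->next;
        toy_free(m->lumps->value);
        toy_free(m->lumps);
        m->lumps = next;
    }
}

/* Same shape as replace_to_uri: free only on the failure path. */
static int toy_replace_uri(struct toy_msg *m, const char *uri, size_t len) {
    char *p = toy_malloc(len);
    if (!p) return 0;
    memcpy(p, uri, len);
    if (!toy_insert_lump(m, p, len)) { toy_free(p); return 0; }
    return 1;                      /* no free: the lump still points at p */
}

/* Returns blocks still live after teardown; *held = blocks live before it. */
static int run_demo(int *held) {
    static const char uri[] = "sip:vm@example.invalid";   /* constructed sample */
    struct toy_msg m = { NULL };
    if (!toy_replace_uri(&m, uri, sizeof uri - 1)) return -1;
    *held = live_blocks;           /* the URI buffer plus the lump node */
    toy_free_msg_lumps(&m);
    return live_blocks;
}

int main(void) { int held = 0; return run_demo(&held); }
```

Under that assumption the success path is not a leak: the buffer has one owner at every point, and freeing it in the caller as well would leave the lump pointing at released memory.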