[sr-dev] git:master: outbound Fix core dump crash
Olle E. Johansson
oej at edvina.net
Wed Feb 20 12:32:39 CET 2013
20 feb 2013 kl. 11:01 skrev Peter Dunkley <peter.dunkley at crocodile-rcs.com>:
> Hi Olle,
>
> I have checked in an (untested) fix.
Thanks!
I'm not sure I can set up a test today. We tested with tryit.jssip.net using Kamailio websocket URI's, placed a call and canceled when in ringing state. The CANCEL repeatedly caused a segfault in Kamailio.
/O
>
> This should do the trick.
>
> Regards,
>
> Peter
>
> On 20/02/13 09:48, Peter Dunkley wrote:
>> Olle,
>>
>> Looking at this I don't understand the crash at all.
>>
>> The check of msg->contact should only pass if parse_headers() had already been called for the Contact: before. The parse_headers() for the Contact: should only return > -1 if the message contains a Contact: and it was parsed successfully.
>>
>> So the code under this conditional should only be able to run if the request contains a Contact: header.
>>
>> I am going to revert the change in master because as it stands the conditional is checking the wrong thing. I don't understand why the code inside this is being run when there is no Contact: at all.
>>
>> Regards,
>>
>> Peter
>>
>> On 20/02/13 09:37, Peter Dunkley wrote:
>>> Hi Olle,
>>>
>>> I don't think this fix is correct. The purpose of checking msg->contact is to see if the contact has been parsed already - it does not tell you whether there is a contact in the message or not.
>>>
>>> With this patch Kamailio might not be crashing, but that conditional is now checking the wrong thing.
>>>
>>> Regards,
>>>
>>> Peter
>>>
>>> On 19 Feb 2013, at 22:10, Olle E. Johansson <oej at edvina.net> wrote:
>>>
>>>> Module: sip-router
>>>> Branch: master
>>>> Commit: 6369444761d44526ded2620e33438abb182d2bdc
>>>> URL: http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commit;h=6369444761d44526ded2620e33438abb182d2bdc
>>>>
>>>> Author: Olle E. Johansson <oej at edvina.net>
>>>> Committer: Olle E. Johansson <oej at edvina.net>
>>>> Date: Tue Feb 19 23:08:13 2013 +0100
>>>>
>>>> outbound Fix core dump crash
>>>>
>>>> When we got a CANCEL without Contact the parse_contact was sent a null
>>>> pointer. Changing the "or" to "and" fixed this and Kamailio no longer cores
>>>> on Cancel coming on over websockets from jssip.
>>>>
>>>> Tested at SIPit 30. Core dumps and backtraces available.
>>>> Pdunkley - please check this patch
>>>>
>>>> ---
>>>>
>>>> modules/outbound/ob_mod.c | 2 +-
>>>> 1 files changed, 1 insertions(+), 1 deletions(-)
>>>>
>>>> diff --git a/modules/outbound/ob_mod.c b/modules/outbound/ob_mod.c
>>>> index caf10f4..f7fd63f 100644
>>>> --- a/modules/outbound/ob_mod.c
>>>> +++ b/modules/outbound/ob_mod.c
>>>> @@ -294,7 +294,7 @@ int use_outbound(struct sip_msg *msg)
>>>>
>>>> /* Look for ;reg-id in REGISTER Contact-URIs and ;ob in any
>>>> Contact-URIs */
>>>> - if (msg->contact || parse_headers(msg, HDR_CONTACT_F, 0) != -1)
>>>> + if (msg->contact && parse_headers(msg, HDR_CONTACT_F, 0) != -1)
>>>> {
>>>> if (parse_contact(msg->contact) < 0)
>>>> {
>>>>
>>>>
>>>> _______________________________________________
>>>> sr-dev mailing list
>>>> sr-dev at lists.sip-router.org
>>>> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-dev
>>> _______________________________________________
>>> sr-dev mailing list
>>> sr-dev at lists.sip-router.org
>>> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-dev
>>
>>
>> _______________________________________________
>> sr-dev mailing list
>> sr-dev at lists.sip-router.org
>> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-dev
>
>
> _______________________________________________
> sr-dev mailing list
> sr-dev at lists.sip-router.org
> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-dev
More information about the sr-dev
mailing list