[sr-dev] git:master:cc5f96f9: dmq: safety check for peer_list when calling the callbacks

Daniel-Constantin Mierla miconda at gmail.com
Thu Jan 8 16:15:57 CET 2015 

Hi Charles,

perhaps Olle can give more details about how he is running it. I was on
an irc-like chat with him reporting and testing, as I wanted to see if
there is anything that can be fixed before building v4.2.2.

On the other hand, not initializong peer_list and dmq_init_callback_done
to NULL and accessing them without check is exposing at list the problem
from destroy() function. Kamailio calls destroy even if the module was
not initialized. Not initializing dmq_init_callback_done at declaration
to NULL results in a random value for it (C doesn't do implicit
initialization), practically shm freeing an invalid pointer in destroy
function.

Cheers,
Daniel


On 08/01/15 16:02, Charles Chance wrote:
> Hi Daniel,
>
> I was wondering, did you find some way in which this was causing the
> issue?
>
> Theoretically, if the module is loaded successfully then peer_list
> cannot be null...
>
> (dmq.c)
>
> static int mod_init(void)
> {
> ...
>         /* load peer list - the list containing the module callbacks
> for dmq */
>         peer_list = init_peer_list();
>         if(peer_list==NULL) {
>                 LM_ERR("cannot initialize peer list\n");
>                 return -1;
>         }
> ...
>
> Also, peer_list should always contain the local notification peer,
> added during startup and prior to run_init_callbacks() ever being called:
>
> ...
>         /**
>          * add the dmq notification peer.
>          * the dmq is a peer itself so that it can receive node
> notifications
>          */
>         if(add_notification_peer()<0) {
>                 LM_ERR("cannot add notification peer\n");
>                 return -1;
>         }
> ...
>
>
> Am I missing something obvious?
>
> Best,
> Charles
>
>
> On 8 January 2015 at 13:21, Daniel-Constantin Mierla
> <miconda at gmail.com <mailto:miconda at gmail.com>> wrote:
>
>     Module: kamailio
>     Branch: master
>     Commit: cc5f96f9c847d285085b0b9809ff0db76ea0a835
>     URL:
>     https://github.com/kamailio/kamailio/commit/cc5f96f9c847d285085b0b9809ff0db76ea0a835
>
>     Author: Daniel-Constantin Mierla <miconda at gmail.com
>     <mailto:miconda at gmail.com>>
>     Committer: Daniel-Constantin Mierla <miconda at gmail.com
>     <mailto:miconda at gmail.com>>
>     Date: 2015-01-08T14:20:58+01:00
>
>     dmq: safety check for peer_list when calling the callbacks
>
>     - can result in crashing if it is not set
>     - reported by Olle E. Johansson
>
>     ---
>
>     Modified: modules/dmq/notification_peer.c
>
>     ---
>
>     Diff: 
>     https://github.com/kamailio/kamailio/commit/cc5f96f9c847d285085b0b9809ff0db76ea0a835.diff
>     Patch:
>     https://github.com/kamailio/kamailio/commit/cc5f96f9c847d285085b0b9809ff0db76ea0a835.patch
>
>     ---
>
>     diff --git a/modules/dmq/notification_peer.c
>     b/modules/dmq/notification_peer.c
>     index 1d804bd..b493717 100644
>     --- a/modules/dmq/notification_peer.c
>     +++ b/modules/dmq/notification_peer.c
>     @@ -173,6 +173,10 @@ int extract_node_list(dmq_node_list_t*
>     update_list, struct sip_msg* msg)
>      int run_init_callbacks() {
>             dmq_peer_t* crt;
>
>     +       if(peer_list==0) {
>     +               LM_WARN("peer list is null\n");
>     +               return 0;
>     +       }
>             crt = peer_list->peers;
>             while(crt) {
>                     if (crt->init_callback) {
>
>
>     _______________________________________________
>     sr-dev mailing list
>     sr-dev at lists.sip-router.org <mailto:sr-dev at lists.sip-router.org>
>     http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-dev
>
>
>
>
> -- 
> *Charles Chance*
> Managing Director
>
> t. 0121 285 4400    m. 07932 063 891
>
> www.sipcentric.com <http://www.sipcentric.com/>
>
> Follow us on twitter @sipcentric <http://twitter.com/sipcentric>
>
> Sipcentric Ltd. Company registered in England & Wales no.
> 7365592. Registered office: Faraday Wharf, Innovation Birmingham
> Campus, Holt Street, Birmingham Science Park, Birmingham B7 4BB.
>
>
> _______________________________________________
> sr-dev mailing list
> sr-dev at lists.sip-router.org
> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-dev

-- 
Daniel-Constantin Mierla
http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sip-router.org/pipermail/sr-dev/attachments/20150108/a7df311c/attachment-0001.html>

More information about the sr-dev mailing list