[OpenSIPS-Devel] [OpenSIPS/opensips] fa6034: Fix potential memory corruption on TCP write error...

Liviu Chircu liviu at opensips.org
Tue Oct 27 17:40:04 CET 2015 

  Branch: refs/heads/1.11
  Home:   https://github.com/OpenSIPS/opensips
  Commit: fa6034bd6c462b9520cf0cf15ce520b90b285cf9
      https://github.com/OpenSIPS/opensips/commit/fa6034bd6c462b9520cf0cf15ce520b90b285cf9
  Author: Liviu Chircu <liviu at opensips.org>
  Date:   2015-10-27 (Tue, 27 Oct 2015)

  Changed paths:
    M tcp_main.c

  Log Message:
  -----------
  Fix potential memory corruption on TCP write errors

This patch fixes two well-hidden TCP connection referencing bugs which
would only reveal themselves upon running into failed TCP send() operations
due to various reasons (e.g. full send buffer) in high-traffic environments.

Credits to Hieu Ta and Don Steul from Jibe Mobile for detailed reporting
and providing an adequate replication environment


  Commit: efed06c44670d5b54da9eee2bd38f39f4c59af86
      https://github.com/OpenSIPS/opensips/commit/efed06c44670d5b54da9eee2bd38f39f4c59af86
  Author: Liviu Chircu <liviu at opensips.org>
  Date:   2015-10-27 (Tue, 27 Oct 2015)

  Changed paths:
    M tcp_main.c

  Log Message:
  -----------
  TCP aliases: Fix more race conditions (issue #589)

_tcpconn_find() returns a pointer which should never be used outside of
TCP lock. This patch completes commit 22f4c1a2e05 by fixing two
additional issues of the same type in tcpconn_add_alias()


  Commit: 317af68e65735c684d7f7638b5b29a3ae5226e25
      https://github.com/OpenSIPS/opensips/commit/317af68e65735c684d7f7638b5b29a3ae5226e25
  Author: Liviu Chircu <liviu at opensips.org>
  Date:   2015-10-27 (Tue, 27 Oct 2015)

  Changed paths:
    M tcp_read.c

  Log Message:
  -----------
  Prevent TCP writers from freeing reader structures

Since a TCP connection's "con_req" field is exclusively used by one reader
at a time, TCP writers should not attempt to free it when releasing
connections.

NB: Issue is fixed in OpenSIPS 2.1+


  Commit: 85e0634fa592037a6950a525704ce561845b2cfb
      https://github.com/OpenSIPS/opensips/commit/85e0634fa592037a6950a525704ce561845b2cfb
  Author: Liviu Chircu <liviu at opensips.org>
  Date:   2015-10-27 (Tue, 27 Oct 2015)

  Changed paths:
    M tcp_read.c

  Log Message:
  -----------
  TCP read errors: Silently discard ECONNRESET

Also move TCP read errors down to a more disposable debugging level.


  Commit: 1dd0700c88918aecdaa8fe9ed1604c96c054e702
      https://github.com/OpenSIPS/opensips/commit/1dd0700c88918aecdaa8fe9ed1604c96c054e702
  Author: Liviu Chircu <liviu at opensips.org>
  Date:   2015-10-27 (Tue, 27 Oct 2015)

  Changed paths:
    M tcp_main.c

  Log Message:
  -----------
  TCP aliases: Reduce log level of port hijacking alerts

Allows better log control in deployments where these errors are false positives.


Compare: https://github.com/OpenSIPS/opensips/compare/26a0a62621f6...1dd0700c8891

More information about the Devel mailing list