[OpenSIPS-Devel] [OpenSIPS/opensips] a48aec: tm: dup in pkg the faked msg headers

Răzvan Crainea noreply at github.com
Wed Sep 11 10:27:46 EDT 2019


  Branch: refs/heads/master
  Home:   https://github.com/OpenSIPS/opensips
  Commit: a48aeca2d29f0ae04f3393ddb32bcf70b2be2795
      https://github.com/OpenSIPS/opensips/commit/a48aeca2d29f0ae04f3393ddb32bcf70b2be2795
  Author: Razvan Crainea <razvan at opensips.org>
  Date:   2019-09-11 (Wed, 11 Sep 2019)

  Changed paths:
    M modules/tm/t_msgbuilder.h
    M parser/msg_parser.c
    M parser/msg_parser.h

  Log Message:
  -----------
  tm: dup in pkg the faked msg headers

before this commit, the faked reqests were having the headers fields
stored in shm_mem and shared with the tm request uas. Thus, during
concurrent accesses to one of the headers' `parsed` field, the first
process would have parsed the field in pkg memory, and the second
process would have found that header already parsed. However, it
couldn't read the other's process memory, resulting in an invalid
access.
Moving the headers in a private area for the faked request solves this
issue, as each process will have its own `parsed` field in pkg memory.

Credits go to Rizwan Syed and Jonathan Hulme from Connex CS for
reporting and supporting the testing and fixing of this issue.

This issue has also been reported in ticket #1808





More information about the Devel mailing list