[OpenSIPS-Devel] [OpenSIPS/opensips] 7d75d6: dialog: Fix unsafe profile linker handling
Liviu Chircu
noreply at github.com
Thu Sep 26 12:58:05 EDT 2019
Branch: refs/heads/3.0
Home: https://github.com/OpenSIPS/opensips
Commit: 7d75d6fea4aaa587d6853ebaa234aa3bf0aae264
https://github.com/OpenSIPS/opensips/commit/7d75d6fea4aaa587d6853ebaa234aa3bf0aae264
Author: Liviu Chircu <liviu at opensips.org>
Date: 2019-09-26 (Thu, 26 Sep 2019)
Changed paths:
M modules/dialog/dlg_profile.c
Log Message:
-----------
dialog: Fix unsafe profile linker handling
Once a profile linker is attached to dlg->profile_links, it _must not_
be touched anymore, as it can be freed at any moment (e.g. within a
simultaneous processing of dialog CREATE + DELETE bin packets).
Many thanks to 46Labs for uncovering this bug and for supporting the fix
(cherry picked from commit ddbff50033fb8701ec3a0bdc189be75a44558639)
Commit: abf4ac9b009ce467707c698360235113f4f2f239
https://github.com/OpenSIPS/opensips/commit/abf4ac9b009ce467707c698360235113f4f2f239
Author: Liviu Chircu <liviu at opensips.org>
Date: 2019-09-26 (Thu, 26 Sep 2019)
Changed paths:
M modules/dialog/dlg_profile.c
Log Message:
-----------
dialog: Fix a very rare race condition
A dlg->h_id with value 0 is perfectly possible, see link_dlg_unsafe():
dlg->h_id = d_entry->next_id++;
It should not be treated as some special case.
(cherry picked from commit d4be27178f7cb5bc09eb45b331e4cc4a61261444)
Compare: https://github.com/OpenSIPS/opensips/compare/2c312871de6b...abf4ac9b009c
More information about the Devel
mailing list