[OpenSIPS-Devel] [OpenSIPS/opensips] 8af37b: dialog: Fix unsafe profile linker handling
Liviu Chircu
noreply at github.com
Thu Sep 26 12:58:53 EDT 2019
Branch: refs/heads/master
Home: https://github.com/OpenSIPS/opensips
Commit: 8af37b7bc38bff60a9647b0cc81fa46d0f83a5b2
https://github.com/OpenSIPS/opensips/commit/8af37b7bc38bff60a9647b0cc81fa46d0f83a5b2
Author: Liviu Chircu <liviu at opensips.org>
Date: 2019-09-26 (Thu, 26 Sep 2019)
Changed paths:
M modules/dialog/dlg_profile.c
Log Message:
-----------
dialog: Fix unsafe profile linker handling
Once a profile linker is attached to dlg->profile_links, it _must not_
be touched anymore, as it can be freed at any moment (e.g. within a
simultaneous processing of dialog CREATE + DELETE bin packets).
Many thanks to 46Labs for uncovering this bug and for supporting the fix
(cherry picked from commit ddbff50033fb8701ec3a0bdc189be75a44558639)
(cherry picked from commit 7d75d6fea4aaa587d6853ebaa234aa3bf0aae264)
Commit: 28294ad071d242b55752ee504847cbed1188c71a
https://github.com/OpenSIPS/opensips/commit/28294ad071d242b55752ee504847cbed1188c71a
Author: Liviu Chircu <liviu at opensips.org>
Date: 2019-09-26 (Thu, 26 Sep 2019)
Changed paths:
M modules/dialog/dlg_profile.c
Log Message:
-----------
dialog: Fix a very rare race condition
A dlg->h_id with value 0 is perfectly possible, see link_dlg_unsafe():
dlg->h_id = d_entry->next_id++;
It should not be treated as some special case.
(cherry picked from commit d4be27178f7cb5bc09eb45b331e4cc4a61261444)
(cherry picked from commit abf4ac9b009ce467707c698360235113f4f2f239)
Compare: https://github.com/OpenSIPS/opensips/compare/f829eedda26a...28294ad071d2
More information about the Devel
mailing list