[OpenSIPS-Devel] [OpenSIPS/opensips] 43b696: janus: fix pkg memory leaks in cJSON_Print/cJSON_P...
Norm Brandinger
noreply at github.com
Tue Mar 17 11:24:31 UTC 2026
Branch: refs/heads/master
Home: https://github.com/OpenSIPS/opensips
Commit: 43b696d85eeef9ad233d03070624fcc204d078e8
https://github.com/OpenSIPS/opensips/commit/43b696d85eeef9ad233d03070624fcc204d078e8
Author: Norm Brandinger <n.brandinger at gmail.com>
Date: 2026-03-17 (Tue, 17 Mar 2026)
Changed paths:
M modules/janus/janus_common.c
M modules/janus/janus_mod.c
M modules/janus/janus_proc.c
Log Message:
-----------
janus: fix pkg memory leaks in cJSON_Print/cJSON_Parse paths
The janus module uses cJSON_InitHooks() to route all cJSON allocations
through OpenSIPS pkg_malloc. Three call sites had missing cleanup:
- janus_ipc_send_request(): cJSON_Print() result was copied to shm via
shm_nt_str_dup() but the pkg-allocated original was never freed.
Also added a NULL check -- under pkg exhaustion cJSON_Print returns
NULL and the subsequent strlen(NULL) causes a crash.
- w_janus_send_request(): the cJSON tree from cJSON_Parse() was passed
to janus_ipc_send_request() (which serializes it to shm) but
cJSON_Delete() was never called afterward. Also added cleanup on the
get_janus_connection_by_id() failure path.
- janus_raise_event() and handle_janus_json_request(): added NULL
checks after cJSON_Print(). Fixed missing pkg_free(full_json) on
the shm_strdup() failure path in handle_janus_json_request().
Together these leak ~350 bytes of pkg memory per janus_send_request()
call, leading to SIP worker pkg exhaustion and crash under sustained
load.
Fixes #3712
To unsubscribe from these emails, change your notification settings at https://github.com/OpenSIPS/opensips/settings/notifications
More information about the Devel
mailing list