[asterisk-bugs] [JIRA] (ASTERISK-28286) chan_sip - no lock pvt data in proc_session_timer()
Krzysztof Trempala (JIRA)
noreply at issues.asterisk.org
Wed Feb 13 07:06:47 CST 2019
Krzysztof Trempala created ASTERISK-28286:
---------------------------------------------
Summary: chan_sip - no lock pvt data in proc_session_timer()
Key: ASTERISK-28286
URL: https://issues.asterisk.org/jira/browse/ASTERISK-28286
Project: Asterisk
Issue Type: Bug
Security Level: None
Components: Channels/chan_sip/General
Affects Versions: 13.24.1
Environment: Ubuntu 12.04
Reporter: Krzysztof Trempala
I have a problem with accidentally overwriting the heap in the situation:
- process session refresh timeout in function proc_session_timer() run transmit_reinvite_with_sdp()
- call has been terminated and channel is destroying
{noformat}
+====================================+
| sched thread |
+====================================+
..
proc_session_timer()
transmit_reinvite_with_sdp (p, ..)
try_suggested_sip_codec(p,..) +=========================+
pbx_builtin_getvar_helper(chan=p->owner) | channel thread |
+=========================+
| ... |
<---------------------------------| sip_hangup |
| sip_set_owner(p, NULL);|
| p->owner = NULL; |
| ... |
| channel destroy |
ast_channel_lock(chan); +-------------------------+
{noformat}
--
This message was sent by Atlassian JIRA
(v6.2#6252)
More information about the asterisk-bugs
mailing list