[Asterisk-code-review] res pjsip session: Fix multiple leaks. (asterisk[master])

Corey Farrell asteriskteam at digium.com
Mon Nov 6 18:07:39 CST 2017 

Corey Farrell has uploaded this change for review. ( https://gerrit.asterisk.org/7084


Change subject: res_pjsip_session: Fix multiple leaks.
......................................................................

res_pjsip_session: Fix multiple leaks.

* Pre-initialize vectors to final size in
  ast_sip_session_media_state_clone to ensure errors cannot happen later
  in the function.
* Release session_media on vector replace failure in
  ast_sip_session_media_state_add.
* Release clone and media_state in ast_sip_session_refresh if we fail to
  append to the stream topology, return an error.

Change-Id: Ib5ffc9b198683fa7e9bf166d74d30c1334c23acb
---
M res/res_pjsip_session.c
1 file changed, 20 insertions(+), 2 deletions(-)



  git pull ssh://gerrit.asterisk.org:29418/asterisk refs/changes/84/7084/1

diff --git a/res/res_pjsip_session.c b/res/res_pjsip_session.c
index 4724d46..f557fee 100644
--- a/res/res_pjsip_session.c
+++ b/res/res_pjsip_session.c
@@ -238,6 +238,16 @@
 		}
 	}
 
+	if (AST_VECTOR_INIT(&cloned->sessions, AST_VECTOR_SIZE(&media_state->sessions))) {
+		ast_sip_session_media_state_free(cloned);
+		return NULL;
+	}
+
+	if (AST_VECTOR_INIT(&cloned->read_callbacks, AST_VECTOR_SIZE(&media_state->read_callbacks))) {
+		ast_sip_session_media_state_free(cloned);
+		return NULL;
+	}
+
 	for (index = 0; index < AST_VECTOR_SIZE(&media_state->sessions); ++index) {
 		struct ast_sip_session_media *session_media = AST_VECTOR_GET(&media_state->sessions, index);
 		enum ast_media_type type = ast_stream_get_type(ast_stream_topology_get_stream(cloned->topology, index));
@@ -452,7 +462,11 @@
 		}
 	}
 
-	AST_VECTOR_REPLACE(&media_state->sessions, position, session_media);
+	if (AST_VECTOR_REPLACE(&media_state->sessions, position, session_media)) {
+		ao2_ref(session_media, -1);
+
+		return NULL;
+	}
 
 	/* If this stream will be active in some way and it is the first of this type then consider this the default media session to match */
 	if (!media_state->default_session[type] && ast_stream_get_state(ast_stream_topology_get_stream(media_state->topology, position)) != AST_STREAM_STATE_REMOVED) {
@@ -1588,7 +1602,11 @@
 					}
 
 					ast_stream_set_state(cloned, AST_STREAM_STATE_REMOVED);
-					ast_stream_topology_append_stream(media_state->topology, cloned);
+					if (ast_stream_topology_append_stream(media_state->topology, cloned)) {
+						ast_stream_free(cloned);
+						ast_sip_session_media_state_free(media_state);
+						return -1;
+					}
 				}
 
 				/* If the resulting media state matches the existing active state don't bother doing a session refresh */

-- 
To view, visit https://gerrit.asterisk.org/7084
To unsubscribe, visit https://gerrit.asterisk.org/settings

Gerrit-Project: asterisk
Gerrit-Branch: master
Gerrit-MessageType: newchange
Gerrit-Change-Id: Ib5ffc9b198683fa7e9bf166d74d30c1334c23acb
Gerrit-Change-Number: 7084
Gerrit-PatchSet: 1
Gerrit-Owner: Corey Farrell <git at cfware.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-code-review/attachments/20171106/2e9f8bf3/attachment.html>

More information about the asterisk-code-review mailing list