[Asterisk-code-review] bundled_pjproject: Prevent SEGV in pjsip_evsub_send_request (asterisk[18])

George Joseph asteriskteam at digium.com
Thu Feb 9 06:02:39 CST 2023 

George Joseph has uploaded this change for review. ( https://gerrit.asterisk.org/c/asterisk/+/19893 )


Change subject: bundled_pjproject: Prevent SEGV in pjsip_evsub_send_request
......................................................................

bundled_pjproject: Prevent SEGV in pjsip_evsub_send_request

Check sub->pending_notify in evsub.c:on_tsx_state before
calling pjsip_evsub_send_request().

ASTERISK-30419

Change-Id: Id389f65bc88399fc538608af4508b09b439e1652
---
A third-party/pjproject/patches/0010-Make-sure-that-NOTIFY-tdata-is-set-before-sending-it.patch
1 file changed, 60 insertions(+), 0 deletions(-)



  git pull ssh://gerrit.asterisk.org:29418/asterisk refs/changes/93/19893/1

diff --git a/third-party/pjproject/patches/0010-Make-sure-that-NOTIFY-tdata-is-set-before-sending-it.patch b/third-party/pjproject/patches/0010-Make-sure-that-NOTIFY-tdata-is-set-before-sending-it.patch
new file mode 100644
index 0000000..009060a
--- /dev/null
+++ b/third-party/pjproject/patches/0010-Make-sure-that-NOTIFY-tdata-is-set-before-sending-it.patch
@@ -0,0 +1,46 @@
+From ac685b30c17be461b2bf5b46a772ed9742b8e985 Mon Sep 17 00:00:00 2001
+From: Riza Sulistyo <trengginas at users.noreply.github.com>
+Date: Thu, 9 Feb 2023 13:19:23 +0700
+Subject: [PATCH] Make sure that NOTIFY tdata is set before sending it.
+
+---
+ pjsip/src/pjsip-simple/evsub.c | 9 ++++++---
+ 1 file changed, 6 insertions(+), 3 deletions(-)
+
+diff --git a/pjsip/src/pjsip-simple/evsub.c b/pjsip/src/pjsip-simple/evsub.c
+index da0a9b416..68c1d3951 100644
+--- a/pjsip/src/pjsip-simple/evsub.c
++++ b/pjsip/src/pjsip-simple/evsub.c
+@@ -2216,23 +2216,26 @@ static void on_tsx_state_uas( pjsip_evsub *sub, pjsip_transaction *tsx,
+             }
+ 
+         }  else {
+             sub->state = old_state;
+             sub->state_str = old_state_str;
+         }
+ 
+         /* Send the pending NOTIFY sent by app from inside
+          * on_rx_refresh() callback.
+          */
+-        pj_assert(sub->pending_notify);
+-        status = pjsip_evsub_send_request(sub, sub->pending_notify);
+-        sub->pending_notify = NULL;
++        //pj_assert(sub->pending_notify);
++        /* Make sure that pending_notify is set. */
++        if (sub->pending_notify) {
++            status = pjsip_evsub_send_request(sub, sub->pending_notify);
++            sub->pending_notify = NULL;
++        }
+ 
+     } else if (pjsip_method_cmp(&tsx->method, &pjsip_notify_method)==0) {
+ 
+         /* Handle authentication */
+         if (tsx->state == PJSIP_TSX_STATE_COMPLETED &&
+             (tsx->status_code==401 || tsx->status_code==407))
+         {
+             pjsip_tx_data *tdata;
+             pj_status_t status;
+             pjsip_rx_data *rdata = event->body.tsx_state.src.rdata;
+-- 
+2.39.1
+

-- 
To view, visit https://gerrit.asterisk.org/c/asterisk/+/19893
To unsubscribe, or for help writing mail filters, visit https://gerrit.asterisk.org/settings

Gerrit-Project: asterisk
Gerrit-Branch: 18
Gerrit-Change-Id: Id389f65bc88399fc538608af4508b09b439e1652
Gerrit-Change-Number: 19893
Gerrit-PatchSet: 1
Gerrit-Owner: George Joseph <gjoseph at digium.com>
Gerrit-MessageType: newchange
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-code-review/attachments/20230209/1d262f7a/attachment.html>

More information about the asterisk-code-review mailing list