[asterisk-commits] markm: branch 1.10 r328664 - in /branches/1.10: ./ apps/app_dial.c
SVN commits to the Asterisk project
asterisk-commits at lists.digium.com
Mon Jul 18 15:50:16 CDT 2011
Author: markm
Date: Mon Jul 18 15:50:13 2011
New Revision: 328664
URL: http://svnview.digium.com/svn/asterisk?view=rev&rev=328664
Log:
Merged revisions 328663 via svnmerge from
https://origsvn.digium.com/svn/asterisk/branches/1.8
........
r328663 | markm | 2011-07-18 16:47:04 -0400 (Mon, 18 Jul 2011) | 9 lines
app_dial may double free a channel datastore
When starting a call with originate, and having the callee channel run Bridge() on pickup, we will double free the dialed_interface_info datastore, causing a crash. Make sure to check if the datastore still exists before trying to free it.
(closes issue ASTERISK-17917)
Reported by: Mark Murawski
Tested by: Mark Murawski
........
Modified:
branches/1.10/ (props changed)
branches/1.10/apps/app_dial.c
Propchange: branches/1.10/
------------------------------------------------------------------------------
Binary property 'branch-1.8-merged' - no diff available.
Modified: branches/1.10/apps/app_dial.c
URL: http://svnview.digium.com/svn/asterisk/branches/1.10/apps/app_dial.c?view=diff&rev=328664&r1=328663&r2=328664
==============================================================================
--- branches/1.10/apps/app_dial.c (original)
+++ branches/1.10/apps/app_dial.c Mon Jul 18 15:50:13 2011
@@ -2409,7 +2409,8 @@
* datastore again, causing a crash
*/
ast_channel_lock(chan);
- if (!ast_channel_datastore_remove(chan, datastore)) {
+ datastore = ast_channel_datastore_find(chan, &dialed_interface_info, NULL); /* make sure we weren't cleaned up already */
+ if (datastore && !ast_channel_datastore_remove(chan, datastore)) {
ast_datastore_free(datastore);
}
ast_channel_unlock(chan);
More information about the asterisk-commits
mailing list