[asterisk-commits] chan pjsip: Fix crash on reINVITE before initial INVITE comp... (asterisk[13])

SVN commits to the Asterisk project asterisk-commits at lists.digium.com
Thu Oct 8 13:48:14 CDT 2015 

Joshua Colp has submitted this change and it was merged.

Change subject: chan_pjsip: Fix crash on reINVITE before initial INVITE completes.
......................................................................


chan_pjsip: Fix crash on reINVITE before initial INVITE completes.

Apparently some endpoints attempt to send a reINVITE before completing the
initial INVITE transaction.  In this case PJSIP responds appropriately to
the reINVITE with a 491 INVITE request pending.  Unfortunately chan_pjsip
is using the initial INVITE transaction state to determine if an INVITE is
the initial INVITE or a reINVITE.  Since the initial INVITE transaction
has not been confirmed yet chan_pjsip thinks the reINVITE is an initial
INVITE and starts another PBX thread on the channel.  The extra PBX thread
ensures that hilarity ensues.

* Fix checks for a reINVITE on incoming requests to look for the presence
of a to-tag instead of the initial INVITE transaction state.

* Made caller_id_incoming_request() determine what to do if there is a
channel on the session or not.  After a channel is created it is too late
to just store the new party id on the session because the session's party
id has already been copied to the channel's caller id.

ASTERISK-25404 #close
Reported by: Chet Stevens

Change-Id: Ie78201c304a2b13226f3a4ce59908beecc2c68be
---
M channels/chan_pjsip.c
M res/res_pjsip_caller_id.c
2 files changed, 16 insertions(+), 11 deletions(-)

Approvals:
  Anonymous Coward #1000019: Verified
  Matt Jordan: Looks good to me, but someone else must approve
  Joshua Colp: Looks good to me, approved



diff --git a/channels/chan_pjsip.c b/channels/chan_pjsip.c
index 2a815a8..6195d10 100644
--- a/channels/chan_pjsip.c
+++ b/channels/chan_pjsip.c
@@ -2085,7 +2085,8 @@
 		return 0;
 	}
 
-	if (session->inv_session->state >= PJSIP_INV_STATE_CONFIRMED) {
+	/* Check for a to-tag to determine if this is a reinvite */
+	if (rdata->msg_info.to->tag.slen) {
 		/* Weird case. We've received a reinvite but we don't have a channel. The most
 		 * typical case for this happening is that a blind transfer fails, and so the
 		 * transferer attempts to reinvite himself back into the call. We already got
@@ -2132,8 +2133,9 @@
 	struct ast_features_pickup_config *pickup_cfg;
 	struct ast_channel *chan;
 
-	/* We don't care about reinvites */
-	if (session->inv_session->state >= PJSIP_INV_STATE_CONFIRMED) {
+	/* Check for a to-tag to determine if this is a reinvite */
+	if (rdata->msg_info.to->tag.slen) {
+		/* We don't care about reinvites */
 		return 0;
 	}
 
@@ -2180,8 +2182,9 @@
 {
 	int res;
 
-	/* We don't care about reinvites */
-	if (session->inv_session->state >= PJSIP_INV_STATE_CONFIRMED) {
+	/* Check for a to-tag to determine if this is a reinvite */
+	if (rdata->msg_info.to->tag.slen) {
+		/* We don't care about reinvites */
 		return 0;
 	}
 
diff --git a/res/res_pjsip_caller_id.c b/res/res_pjsip_caller_id.c
index 63ef1f4..f1908a7 100644
--- a/res/res_pjsip_caller_id.c
+++ b/res/res_pjsip_caller_id.c
@@ -351,10 +351,11 @@
  */
 static int caller_id_incoming_request(struct ast_sip_session *session, pjsip_rx_data *rdata)
 {
-	if (session->inv_session->state < PJSIP_INV_STATE_CONFIRMED) {
+	if (!session->channel) {
 		/*
-		 * Initial inbound INVITE.  Set the session ID directly
-		 * because the channel has not been created yet.
+		 * Since we have no channel this must be the initial inbound
+		 * INVITE.  Set the session ID directly because the channel
+		 * has not been created yet.
 		 */
 		if (session->endpoint->id.trust_inbound
 			&& (!set_id_from_pai(rdata, &session->id)
@@ -367,9 +368,10 @@
 		if (!session->endpoint->id.self.number.valid) {
 			set_id_from_from(rdata, &session->id);
 		}
-	} else if (session->channel) {
-		/* Reinvite. Check for changes to the ID and queue a connected line
-		 * update if necessary
+	} else {
+		/*
+		 * ReINVITE or UPDATE.  Check for changes to the ID and queue
+		 * a connected line update if necessary.
 		 */
 		update_incoming_connected_line(session, rdata);
 	}

-- 
To view, visit https://gerrit.asterisk.org/1394
To unsubscribe, visit https://gerrit.asterisk.org/settings

Gerrit-MessageType: merged
Gerrit-Change-Id: Ie78201c304a2b13226f3a4ce59908beecc2c68be
Gerrit-PatchSet: 1
Gerrit-Project: asterisk
Gerrit-Branch: 13
Gerrit-Owner: Richard Mudgett <rmudgett at digium.com>
Gerrit-Reviewer: Anonymous Coward #1000019
Gerrit-Reviewer: Joshua Colp <jcolp at digium.com>
Gerrit-Reviewer: Matt Jordan <mjordan at digium.com>

More information about the asterisk-commits mailing list