[Asterisk-Dev] Another SIP fix

[Luke Howard]

Fixes a couple of crashers in chan_sip.

-- Luke

-------------- next part --------------
Index: channels/chan_sip.c
===================================================================
RCS file: /usr/cvsroot/asterisk/channels/chan_sip.c,v
retrieving revision 1.23
diff -u -r1.23 chan_sip.c
--- channels/chan_sip.c	31 Mar 2003 03:19:34 -0000	1.23
+++ channels/chan_sip.c	31 Mar 2003 13:49:50 -0000
@@ -363,13 +363,16 @@
 			} else {
 				/* If no owner, destroy now */
 				sip_destroy(pkt->owner);
+				pkt = NULL;
 			}
 		}
 	} else {
 		/* Don't bother retransmitting.  It's about to be killed anyway */
 		pkt->retransid = -1;
 	}
-	ast_pthread_mutex_unlock(&pkt->owner->lock);
+	if (pkt != NULL) {
+		ast_pthread_mutex_unlock(&pkt->owner->lock);
+	}
 	return res;
 }
 
@@ -2175,8 +2178,9 @@
 	char via[80];
 	char addr[80];
 	struct sip_pvt *p;
+
 	/* exit if we are already in process with this registrar ?*/
-	if ( (auth==NULL && r->regstate==REG_STATE_REGSENT) || r->regstate==REG_STATE_AUTHSENT) {
+	if (r == NULL || (auth==NULL && r->regstate==REG_STATE_REGSENT) || r->regstate==REG_STATE_AUTHSENT) {
 		ast_log(LOG_NOTICE, "Strange, trying to register when registration already pending\n");
 		return 0;
 	}
-------------- next part --------------

P.S. Mark, you might want to take a look at:

==29395== 
==29395== Thread 14:
==29395== Conditional jump or move depends on uninitialised value(s)
==29395==    at 0x401662D3: strcmp (vg_clientfuncs.c:477)
==29395==    by 0x8064D86: pbx_builtin_getvar_helper (pbx.c:3900)
==29395==    by 0x43CD7420: ??? (app_macro.c:124)
==29395==    by 0x805E05F: pbx_exec (pbx.c:352)

--
Luke Howard | PADL Software Pty Ltd | www.padl.com