<p>Michael Bradeen has uploaded this change for <strong>review</strong>.</p><p><a href="https://gerrit.asterisk.org/c/asterisk/+/19922">View Change</a></p><pre style="font-family: monospace,monospace; white-space: pre-wrap;">res_pjsip: Prevent SEGV in pjsip_evsub_send_request<br><br>contributed pjproject - patch to check sub->pending_notify<br>in evsub.c:on_tsx_state before calling<br>pjsip_evsub_send_request()<br><br>res_pjsip_pubsub - change post pjsip 2.13 behavior to use<br>pubsub_on_refresh_timeout to avoid the ao2_cleanup call on<br>the sub_tree. This is is because the final NOTIFY send is no<br>longer the last place the sub_tree is referenced.<br><br>ASTERISK-30419<br><br>Change-Id: Ib5cc662ce578e9adcda312e16c58a10b6453e438<br>---<br>M res/res_pjsip_pubsub.c<br>A third-party/pjproject/patches/0010-Make-sure-that-NOTIFY-tdata-is-set-before-sending-it_new-129fb323a66dd1fd16880fe5ba5e6a57.patch<br>2 files changed, 67 insertions(+), 1 deletion(-)<br><br></pre><pre style="font-family: monospace,monospace; white-space: pre-wrap;">git pull ssh://gerrit.asterisk.org:29418/asterisk refs/changes/22/19922/1</pre><pre style="font-family: monospace,monospace; white-space: pre-wrap;"><span>diff --git a/res/res_pjsip_pubsub.c b/res/res_pjsip_pubsub.c</span><br><span>index c80e267..bf07d5a 100644</span><br><span>--- a/res/res_pjsip_pubsub.c</span><br><span>+++ b/res/res_pjsip_pubsub.c</span><br><span>@@ -4137,7 +4137,7 @@</span><br><span> SUBSCRIBE's 200 OK. The previous solution was to push the NOTIFY, but now pjproject</span><br><span> looks for the NOTIFY on send and delays it until after it auto-replies.</span><br><span> If the NOTIFY is not there when it looks to send, pjproject will assert. */</span><br><span style="color: hsl(0, 100%, 40%);">- serialized_pubsub_on_refresh_timeout(sub_tree);</span><br><span style="color: hsl(120, 100%, 40%);">+ pubsub_on_refresh_timeout(sub_tree);</span><br><span> #else</span><br><span> if (ast_sip_push_task(sub_tree->serializer, serialized_pubsub_on_refresh_timeout, ao2_bump(sub_tree))) {</span><br><span> /* If we can't push the NOTIFY refreshing task...we'll just go with it. */</span><br><span>diff --git a/third-party/pjproject/patches/0010-Make-sure-that-NOTIFY-tdata-is-set-before-sending-it_new-129fb323a66dd1fd16880fe5ba5e6a57.patch b/third-party/pjproject/patches/0010-Make-sure-that-NOTIFY-tdata-is-set-before-sending-it_new-129fb323a66dd1fd16880fe5ba5e6a57.patch</span><br><span>new file mode 100644</span><br><span>index 0000000..009060a</span><br><span>--- /dev/null</span><br><span>+++ b/third-party/pjproject/patches/0010-Make-sure-that-NOTIFY-tdata-is-set-before-sending-it_new-129fb323a66dd1fd16880fe5ba5e6a57.patch</span><br><span>@@ -0,0 +1,46 @@</span><br><span style="color: hsl(120, 100%, 40%);">+From ac685b30c17be461b2bf5b46a772ed9742b8e985 Mon Sep 17 00:00:00 2001</span><br><span style="color: hsl(120, 100%, 40%);">+From: Riza Sulistyo <trengginas@users.noreply.github.com></span><br><span style="color: hsl(120, 100%, 40%);">+Date: Thu, 9 Feb 2023 13:19:23 +0700</span><br><span style="color: hsl(120, 100%, 40%);">+Subject: [PATCH] Make sure that NOTIFY tdata is set before sending it.</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span style="color: hsl(120, 100%, 40%);">+---</span><br><span style="color: hsl(120, 100%, 40%);">+ pjsip/src/pjsip-simple/evsub.c | 9 ++++++---</span><br><span style="color: hsl(120, 100%, 40%);">+ 1 file changed, 6 insertions(+), 3 deletions(-)</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span style="color: hsl(120, 100%, 40%);">+diff --git a/pjsip/src/pjsip-simple/evsub.c b/pjsip/src/pjsip-simple/evsub.c</span><br><span style="color: hsl(120, 100%, 40%);">+index da0a9b416..68c1d3951 100644</span><br><span style="color: hsl(120, 100%, 40%);">+--- a/pjsip/src/pjsip-simple/evsub.c</span><br><span>++++ b/pjsip/src/pjsip-simple/evsub.c</span><br><span style="color: hsl(120, 100%, 40%);">+@@ -2216,23 +2216,26 @@ static void on_tsx_state_uas( pjsip_evsub *sub, pjsip_transaction *tsx,</span><br><span style="color: hsl(120, 100%, 40%);">+ }</span><br><span style="color: hsl(120, 100%, 40%);">+ </span><br><span style="color: hsl(120, 100%, 40%);">+ } else {</span><br><span style="color: hsl(120, 100%, 40%);">+ sub->state = old_state;</span><br><span style="color: hsl(120, 100%, 40%);">+ sub->state_str = old_state_str;</span><br><span style="color: hsl(120, 100%, 40%);">+ }</span><br><span style="color: hsl(120, 100%, 40%);">+ </span><br><span style="color: hsl(120, 100%, 40%);">+ /* Send the pending NOTIFY sent by app from inside</span><br><span style="color: hsl(120, 100%, 40%);">+ * on_rx_refresh() callback.</span><br><span style="color: hsl(120, 100%, 40%);">+ */</span><br><span style="color: hsl(120, 100%, 40%);">+- pj_assert(sub->pending_notify);</span><br><span style="color: hsl(120, 100%, 40%);">+- status = pjsip_evsub_send_request(sub, sub->pending_notify);</span><br><span style="color: hsl(120, 100%, 40%);">+- sub->pending_notify = NULL;</span><br><span style="color: hsl(120, 100%, 40%);">++ //pj_assert(sub->pending_notify);</span><br><span style="color: hsl(120, 100%, 40%);">++ /* Make sure that pending_notify is set. */</span><br><span style="color: hsl(120, 100%, 40%);">++ if (sub->pending_notify) {</span><br><span style="color: hsl(120, 100%, 40%);">++ status = pjsip_evsub_send_request(sub, sub->pending_notify);</span><br><span style="color: hsl(120, 100%, 40%);">++ sub->pending_notify = NULL;</span><br><span style="color: hsl(120, 100%, 40%);">++ }</span><br><span style="color: hsl(120, 100%, 40%);">+ </span><br><span style="color: hsl(120, 100%, 40%);">+ } else if (pjsip_method_cmp(&tsx->method, &pjsip_notify_method)==0) {</span><br><span style="color: hsl(120, 100%, 40%);">+ </span><br><span style="color: hsl(120, 100%, 40%);">+ /* Handle authentication */</span><br><span style="color: hsl(120, 100%, 40%);">+ if (tsx->state == PJSIP_TSX_STATE_COMPLETED &&</span><br><span style="color: hsl(120, 100%, 40%);">+ (tsx->status_code==401 || tsx->status_code==407))</span><br><span style="color: hsl(120, 100%, 40%);">+ {</span><br><span style="color: hsl(120, 100%, 40%);">+ pjsip_tx_data *tdata;</span><br><span style="color: hsl(120, 100%, 40%);">+ pj_status_t status;</span><br><span style="color: hsl(120, 100%, 40%);">+ pjsip_rx_data *rdata = event->body.tsx_state.src.rdata;</span><br><span style="color: hsl(120, 100%, 40%);">+-- </span><br><span style="color: hsl(120, 100%, 40%);">+2.39.1</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span></span><br></pre><p>To view, visit <a href="https://gerrit.asterisk.org/c/asterisk/+/19922">change 19922</a>. To unsubscribe, or for help writing mail filters, visit <a href="https://gerrit.asterisk.org/settings">settings</a>.</p><div itemscope itemtype="http://schema.org/EmailMessage"><div itemscope itemprop="action" itemtype="http://schema.org/ViewAction"><link itemprop="url" href="https://gerrit.asterisk.org/c/asterisk/+/19922"/><meta itemprop="name" content="View Change"/></div></div>
<div style="display:none"> Gerrit-Project: asterisk </div>
<div style="display:none"> Gerrit-Branch: 18 </div>
<div style="display:none"> Gerrit-Change-Id: Ib5cc662ce578e9adcda312e16c58a10b6453e438 </div>
<div style="display:none"> Gerrit-Change-Number: 19922 </div>
<div style="display:none"> Gerrit-PatchSet: 1 </div>
<div style="display:none"> Gerrit-Owner: Michael Bradeen <mbradeen@sangoma.com> </div>
<div style="display:none"> Gerrit-MessageType: newchange </div>