Hi all,
we had problems with some callback-functions. The problem is isolated to the unref_new_dialog function in dlg_handlers.c
If the whole tmcb_params structure is not initialized, we run into segfaults in a later usage.
here a patch for this problem ("inspired" by openSIPS code)
@@ -417,7 +420,7 @@
 void unref_new_dialog(void *dialog)
 {
 struct tmcb_params p;
-
+ memset(&p, 0, sizeof(struct tmcb_params));
 p.param = (void*)&dialog;
 dlg_onreply(0, TMCB_TRANS_DELETED, &p);
 }
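Review bot: The added `memset` carries no comment saying why the whole struct must be cleared, and since `p.param` is assigned on the next line a later reader could take it for redundant; I would put `/* callbacks read more of p than param; clear the rest so they see zeros, not stack garbage */` above it. Writing the size as `sizeof(p)` ties it to the variable instead of repeating the type: `memset(&p, 0, sizeof(p));`. Zeroing turns the stray pointer fields into NULL, so the fix relies on `dlg_onreply` not dereferencing a null reply or request when called with TMCB_TRANS_DELETED; that path is not visible in this hunk and is worth confirming. The same hunk appears again at the end of the full patch further down.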
Below is the whole patch for the dlg_handlers.c file; the second change is an extra check for FAKED_REPLY in the dlg_onreply function.
I hope this is useful.
best regards
Torben Friese
Index: modules/dialog/dlg_handlers.c =================================================================== --- modules/dialog/dlg_handlers.c (revision 5983) +++ modules/dialog/dlg_handlers.c (working copy) @@ -280,24 +280,27 @@ if (new_state==DLG_STATE_CONFIRMED_NA && old_state!=DLG_STATE_CONFIRMED_NA && old_state!=DLG_STATE_CONFIRMED ) { LM_DBG("dialog %p confirmed\n",dlg); - - /* get to tag*/ - if ( !rpl->to && ((parse_headers(rpl, HDR_TO_F,0)<0) || !rpl->to) ) { - LM_ERR("bad reply or missing TO hdr :-/\n"); - tag.s = 0; - tag.len = 0; - } else { - tag = get_to(rpl)->tag_value; - if (tag.s==0 || tag.len==0) { - LM_ERR("missing TAG param in TO hdr :-/\n"); + if (rpl != FAKED_REPLY) { + /* get to tag*/ + if ( !rpl->to && ((parse_headers(rpl, HDR_TO_F,0)<0) || !rpl->to) ) { + LM_ERR("bad reply or missing TO hdr :-/\n"); tag.s = 0; tag.len = 0; + } else { + tag = get_to(rpl)->tag_value; + if (tag.s==0 || tag.len==0) { + LM_ERR("missing TAG param in TO hdr :-/\n"); + tag.s = 0; + tag.len = 0; + } } - }
- /* save callee's tag, cseq, contact and record route*/ - if (populate_leg_info( dlg, rpl, t, DLG_CALLEE_LEG, &tag) !=0) { - LM_ERR("could not add further info to the dialog\n"); + /* save callee's tag, cseq, contact and record route*/ + if (populate_leg_info( dlg, rpl, t, DLG_CALLEE_LEG, &tag) !=0) { + LM_ERR("could not add further info to the dialog\n"); + } + } else { + LM_ERR("Faked reply!\n"); }
/* set start time */
@@ -417,7 +420,7 @@
 void unref_new_dialog(void *dialog)
 {
 struct tmcb_params p;
-
+ memset(&p, 0, sizeof(struct tmcb_params));
 p.param = (void*)&dialog;
 dlg_onreply(0, TMCB_TRANS_DELETED, &p);
 }
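Review bot: In the `@@ -280,24 +280,27 @@` hunk the new `else` branch only logs `Faked reply!` and execution then continues to `/* set start time */`, so a dialog confirmed on a faked reply appears to carry on with its callee leg (tag, cseq, contact, record route) never filled in by `populate_leg_info`. Whether later code copes with an empty callee leg cannot be seen here, because the enclosing function starts before and continues after the hunk; if it does not, this branch should bail out or mark the dialog rather than proceed. The message would be more useful for triage with the dialog in it, e.g. `LM_ERR("faked reply for dialog %p, callee leg not populated\n", dlg);`. The guard compares `rpl` only with `FAKED_REPLY`; if a null reply can reach this branch, `if (rpl && rpl != FAKED_REPLY) {` would cover that case as well.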
Hi Torben,
thanks for the patch. I will take care of it; just one question: is it for 1.5 or 3.0?
Daniel
On 2/10/10 12:31 PM, Torben Friese wrote:
Hi all,
we had problems with some callback-functions. The problem is isolated to the unref_new_dialog function in dlg_handlers.c
If the whole tmcb_params structure is not initialized, we run into segfaults in a later usage.
here a patch for this problem ("inspired" by openSIPS code)
@@ -417,7 +420,7 @@ void unref_new_dialog(void *dialog) { struct tmcb_params p;
- memset(&p, 0, sizeof(struct tmcb_params)); p.param = (void*)&dialog; dlg_onreply(0, TMCB_TRANS_DELETED,&p); }
Down below the whole patch for the dlg_handlers.c file, the second thing is a extra control part for FAKED_REPLY's in the dlg_onreply function.
I hope this is useful.
best regards
Torben Friese
Index: modules/dialog/dlg_handlers.c
--- modules/dialog/dlg_handlers.c (revision 5983) +++ modules/dialog/dlg_handlers.c (working copy) @@ -280,24 +280,27 @@ if (new_state==DLG_STATE_CONFIRMED_NA&& old_state!=DLG_STATE_CONFIRMED_NA&& old_state!=DLG_STATE_CONFIRMED ) { LM_DBG("dialog %p confirmed\n",dlg);
/* get to tag*/
if ( !rpl->to&& ((parse_headers(rpl, HDR_TO_F,0)<0) || !rpl->to) ) {
LM_ERR("bad reply or missing TO hdr :-/\n");
tag.s = 0;
tag.len = 0;
} else {
tag = get_to(rpl)->tag_value;
if (tag.s==0 || tag.len==0) {
LM_ERR("missing TAG param in TO hdr :-/\n");
if (rpl != FAKED_REPLY) {
/* get to tag*/
if ( !rpl->to&& ((parse_headers(rpl, HDR_TO_F,0)<0) || !rpl->to) )
{
LM_ERR("bad reply or missing TO hdr :-/\n"); tag.s = 0; tag.len = 0;
} else {
tag = get_to(rpl)->tag_value;
if (tag.s==0 || tag.len==0) {
LM_ERR("missing TAG param in TO hdr :-/\n");
tag.s = 0;
tag.len = 0;
} }
}
/* save callee's tag, cseq, contact and record route*/
if (populate_leg_info( dlg, rpl, t, DLG_CALLEE_LEG,&tag) !=0) {
LM_ERR("could not add further info to the dialog\n");
/* save callee's tag, cseq, contact and record route*/
if (populate_leg_info( dlg, rpl, t, DLG_CALLEE_LEG,&tag) !=0) {
LM_ERR("could not add further info to the dialog\n");
}
} else {
LM_ERR("Faked reply!\n");
}
/* set start time */
@@ -417,7 +420,7 @@ void unref_new_dialog(void *dialog) { struct tmcb_params p;
- memset(&p, 0, sizeof(struct tmcb_params)); p.param = (void*)&dialog; dlg_onreply(0, TMCB_TRANS_DELETED,&p); }
Hi Daniel,
It is for the Kamailio 1.5
regards
Torben
Am Mittwoch, den 10.02.2010, 17:50 +0100 schrieb Daniel-Constantin Mierla:
Hi Torben,
thanks for the patch. I will take care, just on question, is it for 1.5 or 3.0?
Daniel
On 2/10/10 12:31 PM, Torben Friese wrote:
Hi all,
we had problems with some callback-functions. The problem is isolated to the unref_new_dialog function in dlg_handlers.c
If the whole tmcb_params structure is not initialized, we run into segfaults in a later usage.
here a patch for this problem ("inspired" by openSIPS code)
@@ -417,7 +420,7 @@ void unref_new_dialog(void *dialog) { struct tmcb_params p;
- memset(&p, 0, sizeof(struct tmcb_params)); p.param = (void*)&dialog; dlg_onreply(0, TMCB_TRANS_DELETED,&p); }
Down below the whole patch for the dlg_handlers.c file, the second thing is a extra control part for FAKED_REPLY's in the dlg_onreply function.
I hope this is useful.
best regards
Torben Friese
Index: modules/dialog/dlg_handlers.c
--- modules/dialog/dlg_handlers.c (revision 5983) +++ modules/dialog/dlg_handlers.c (working copy) @@ -280,24 +280,27 @@ if (new_state==DLG_STATE_CONFIRMED_NA&& old_state!=DLG_STATE_CONFIRMED_NA&& old_state!=DLG_STATE_CONFIRMED ) { LM_DBG("dialog %p confirmed\n",dlg);
/* get to tag*/
if ( !rpl->to&& ((parse_headers(rpl, HDR_TO_F,0)<0) || !rpl->to) ) {
LM_ERR("bad reply or missing TO hdr :-/\n");
tag.s = 0;
tag.len = 0;
} else {
tag = get_to(rpl)->tag_value;
if (tag.s==0 || tag.len==0) {
LM_ERR("missing TAG param in TO hdr :-/\n");
if (rpl != FAKED_REPLY) {
/* get to tag*/
if ( !rpl->to&& ((parse_headers(rpl, HDR_TO_F,0)<0) || !rpl->to) )
{
LM_ERR("bad reply or missing TO hdr :-/\n"); tag.s = 0; tag.len = 0;
} else {
tag = get_to(rpl)->tag_value;
if (tag.s==0 || tag.len==0) {
LM_ERR("missing TAG param in TO hdr :-/\n");
tag.s = 0;
tag.len = 0;
} }
}
/* save callee's tag, cseq, contact and record route*/
if (populate_leg_info( dlg, rpl, t, DLG_CALLEE_LEG,&tag) !=0) {
LM_ERR("could not add further info to the dialog\n");
/* save callee's tag, cseq, contact and record route*/
if (populate_leg_info( dlg, rpl, t, DLG_CALLEE_LEG,&tag) !=0) {
LM_ERR("could not add further info to the dialog\n");
}
} else {
LM_ERR("Faked reply!\n");
}
/* set start time */
@@ -417,7 +420,7 @@ void unref_new_dialog(void *dialog) { struct tmcb_params p;
- memset(&p, 0, sizeof(struct tmcb_params)); p.param = (void*)&dialog; dlg_onreply(0, TMCB_TRANS_DELETED,&p); }