Module: sip-router Branch: master Commit: 659b920399ee2a75973c610f5dec4c6292903f67 URL: http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commit;h=659b920… Author: Daniel-Constantin Mierla <miconda(a)gmail.com> Committer: Daniel-Constantin Mierla <miconda(a)gmail.com> Date: Thu Sep 19 13:25:41 2013 +0200 core: set to NULL the pointers to several sip msg fileds in cloned structure - instance, ruid and location_ua are reset to null for the clone in shm, otherwise they point to pkg and the shm can be used from other process, resulting in crash - reported and credits for testing and troubleshooting to Alex Balashov --- sip_msg_clone.c | 11 +++++++++++ 1 files changed, 11 insertions(+), 0 deletions(-) diff --git a/sip_msg_clone.c b/sip_msg_clone.c index 58ce353..6a5da1a 100644 --- a/sip_msg_clone.c +++ b/sip_msg_clone.c @@ -539,6 +539,17 @@ struct sip_msg* sip_msg_shm_clone( struct sip_msg *org_msg, int *sip_msg_len, /* path_vec is not cloned (it's reset instead) */ new_msg->path_vec.s=0; new_msg->path_vec.len=0; + /* instance is not cloned (it's reset instead) */ + new_msg->instance.s=0; + new_msg->instance.len=0; + /* ruid is not cloned (it's reset instead) */ + new_msg->ruid.s=0; + new_msg->ruid.len=0; + /* location ua is not cloned (it's reset instead) */ + new_msg->location_ua.s=0; + new_msg->location_ua.len=0; + /* reg_id is not cloned (it's reset instead) */ + new_msg->reg_id=0; /* message buffers(org and scratch pad) */ memcpy( p , org_msg->buf, org_msg->len); /* ZT to be safer */