From 6ca98524bfc321c12398df5ed0cac6c7cad3c55c Mon Sep 17 00:00:00 2001 From: Richard Mudgett Date: Fri, 20 Mar 2015 19:52:30 +0000 Subject: Audit ast_pjsip_rdata_get_endpoint() usage for ref leaks. Valgrind found some memory leaks associated with ast_pjsip_rdata_get_endpoint(). The leaks would manifest when sending responses to OPTIONS requests, processing MESSAGE requests, and res_pjsip supplements implementing the incoming_request callback. * Fix ast_pjsip_rdata_get_endpoint() endpoint ref leaks in res/res_pjsip.c:supplement_on_rx_request(), res/res_pjsip/pjsip_options.c:send_options_response(), res/res_pjsip_messaging.c:rx_data_to_ast_msg(), and res/res_pjsip_messaging.c:send_response(). * Eliminated RAII_VAR() use with ast_pjsip_rdata_get_endpoint() in res/res_pjsip_nat.c:nat_on_rx_message(). * Fixed inconsistent but benign return value in res/res_pjsip/pjsip_options.c:options_on_rx_request(). Review: https://reviewboard.asterisk.org/r/4511/ git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/13@433222 65c4cc65-6c06-0410-ace0-fbb531ad65f3 --- res/res_pjsip_messaging.c | 17 +++++++++++++---- 1 file changed, 13 insertions(+), 4 deletions(-) (limited to 'res/res_pjsip_messaging.c') diff --git a/res/res_pjsip_messaging.c b/res/res_pjsip_messaging.c index 813090816..f3ae5e674 100644 --- a/res/res_pjsip_messaging.c +++ b/res/res_pjsip_messaging.c @@ -427,13 +427,13 @@ static char *sip_to_pjsip(char *buf, int size, int capacity) */ static enum pjsip_status_code rx_data_to_ast_msg(pjsip_rx_data *rdata, struct ast_msg *msg) { - struct ast_sip_endpoint *endpt = ast_pjsip_rdata_get_endpoint(rdata); + RAII_VAR(struct ast_sip_endpoint *, endpt, NULL, ao2_cleanup); pjsip_uri *ruri = rdata->msg_info.msg->line.req.uri; pjsip_sip_uri *sip_ruri; pjsip_name_addr *name_addr; char buf[MAX_BODY_SIZE]; const char *field; - const char *context = S_OR(endpt->message_context, endpt->context); + const char *context; char exten[AST_MAX_EXTENSION]; int res = 0; int size; @@ -445,6 +445,10 @@ static enum pjsip_status_code rx_data_to_ast_msg(pjsip_rx_data *rdata, struct as sip_ruri = pjsip_uri_get_uri(ruri); ast_copy_pj_str(exten, &sip_ruri->user, AST_MAX_EXTENSION); + endpt = ast_pjsip_rdata_get_endpoint(rdata); + ast_assert(endpt != NULL); + + context = S_OR(endpt->message_context, endpt->context); res |= ast_msg_set_context(msg, "%s", context); res |= ast_msg_set_exten(msg, "%s", exten); @@ -617,13 +621,18 @@ static pj_status_t send_response(pjsip_rx_data *rdata, enum pjsip_status_code co if (dlg && tsx) { status = pjsip_dlg_send_response(dlg, tsx, tdata); } else { - /* Get where to send request. */ + struct ast_sip_endpoint *endpoint; + + /* Get where to send response. */ status = pjsip_get_response_addr(tdata->pool, rdata, &res_addr); if (status != PJ_SUCCESS) { ast_log(LOG_ERROR, "Unable to get response address (%d)\n", status); return status; } - status = ast_sip_send_response(&res_addr, tdata, ast_pjsip_rdata_get_endpoint(rdata)); + + endpoint = ast_pjsip_rdata_get_endpoint(rdata); + status = ast_sip_send_response(&res_addr, tdata, endpoint); + ao2_cleanup(endpoint); } if (status != PJ_SUCCESS) { -- cgit v1.2.3