From 690798cfdcde5e467c285f5fe6f19f0edda858b4 Mon Sep 17 00:00:00 2001 From: Benny Prijono Date: Sat, 10 Oct 2009 13:36:43 +0000 Subject: Ticket #965: Receiving (malformed) re-INVITE with the same Via branch parameter value as previous INVITE would raise assertion (thanks Daniel Nanassy for the report) - also fix possible crashes when UAS transaction initialization fails for some reason git-svn-id: http://svn.pjsip.org/repos/pjproject/trunk@2936 74dad513-b988-da41-8d7b-12977e46ad98 --- pjsip/src/pjsip/sip_dialog.c | 13 ++++++++++++- pjsip/src/pjsip/sip_transaction.c | 16 ++++++++++++---- 2 files changed, 24 insertions(+), 5 deletions(-) (limited to 'pjsip') diff --git a/pjsip/src/pjsip/sip_dialog.c b/pjsip/src/pjsip/sip_dialog.c index 25c6cef6..7514616a 100644 --- a/pjsip/src/pjsip/sip_dialog.c +++ b/pjsip/src/pjsip/sip_dialog.c @@ -1532,7 +1532,18 @@ void pjsip_dlg_on_rx_request( pjsip_dialog *dlg, pjsip_rx_data *rdata ) rdata->msg_info.msg->line.req.method.id != PJSIP_ACK_METHOD) { status = pjsip_tsx_create_uas(dlg->ua, rdata, &tsx); - PJ_ASSERT_ON_FAIL(status==PJ_SUCCESS,{goto on_return;}); + if (status != PJ_SUCCESS) { + /* Once case for this is when re-INVITE contains same + * Via branch value as previous INVITE (ticket #965). + */ + char errmsg[PJ_ERR_MSG_SIZE]; + pj_str_t reason; + + reason = pj_strerror(status, errmsg, sizeof(errmsg)); + pjsip_endpt_respond_stateless(dlg->endpt, rdata, 500, &reason, + NULL, NULL); + goto on_return; + } /* Put this dialog in the transaction data. */ tsx->mod_data[dlg->ua->id] = dlg; diff --git a/pjsip/src/pjsip/sip_transaction.c b/pjsip/src/pjsip/sip_transaction.c index 455699bd..d5be2b97 100644 --- a/pjsip/src/pjsip/sip_transaction.c +++ b/pjsip/src/pjsip/sip_transaction.c @@ -545,10 +545,15 @@ static pj_status_t mod_tsx_layer_register_tsx( pjsip_transaction *tsx) * Do not use PJ_ASSERT_RETURN since it evaluates the expression * twice! */ - pj_assert(pj_hash_get( mod_tsx_layer.htable, - tsx->transaction_key.ptr, - tsx->transaction_key.slen, - NULL) == NULL); + if(pj_hash_get(mod_tsx_layer.htable, + tsx->transaction_key.ptr, + tsx->transaction_key.slen, + NULL)) + { + pj_mutex_unlock(mod_tsx_layer.mutex); + PJ_LOG(2,(THIS_FILE, "Unable to register transaction (key exists)")); + return PJ_EEXISTS; + } TSX_TRACE_((THIS_FILE, "Transaction %p registered with hkey=0x%p and key=%.*s", @@ -1344,6 +1349,7 @@ PJ_DEF(pj_status_t) pjsip_tsx_create_uas( pjsip_module *tsx_user, status = pjsip_tsx_create_key(tsx->pool, &tsx->transaction_key, PJSIP_ROLE_UAS, &tsx->method, rdata); if (status != PJ_SUCCESS) { + unlock_tsx(tsx, &lck); tsx_destroy(tsx); return status; } @@ -1371,6 +1377,7 @@ PJ_DEF(pj_status_t) pjsip_tsx_create_uas( pjsip_module *tsx_user, /* Get response address. */ status = pjsip_get_response_addr( tsx->pool, rdata, &tsx->res_addr ); if (status != PJ_SUCCESS) { + unlock_tsx(tsx, &lck); tsx_destroy(tsx); return status; } @@ -1393,6 +1400,7 @@ PJ_DEF(pj_status_t) pjsip_tsx_create_uas( pjsip_module *tsx_user, /* Register the transaction. */ status = mod_tsx_layer_register_tsx(tsx); if (status != PJ_SUCCESS) { + unlock_tsx(tsx, &lck); tsx_destroy(tsx); return status; } -- cgit v1.2.3