pjsip: avoid edge case potential crash in answer()
author Scott Griepentrog <sgriepentrog@digium.com>
Wed, 26 Feb 2014 19:00:56 +0000 (19:00 +0000)
committer Scott Griepentrog <sgriepentrog@digium.com>
Wed, 26 Feb 2014 19:00:56 +0000 (19:00 +0000)
When accidentally compiling against a wrong version of
pjsip headers with a different pjsip_inv_session size,
the invite_tsx structure could be null in the answer()
function.  This led to a crash because it attempted to
send the session response with an uninitialized packet
pointer.  This patch presets packet to null and adds a
diagnostic log message to explain why the call fails.

Review: https://reviewboard.asterisk.org/r/3267/
........

Merged revisions 408970 from http://svn.asterisk.org/svn/asterisk/branches/12

git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@408971 65c4cc65-6c06-0410-ace0-fbb531ad65f3

channels/chan_pjsip.c

index af0496a..e324b33 100644 (file)
@@ -438,12 +438,15 @@ static struct ast_channel *chan_pjsip_new(struct ast_sip_session *session, int s
 static int answer(void *data)
 {
        pj_status_t status = PJ_SUCCESS;
-       pjsip_tx_data *packet;
+       pjsip_tx_data *packet = NULL;
        struct ast_sip_session *session = data;
 
        pjsip_dlg_inc_lock(session->inv_session->dlg);
        if (session->inv_session->invite_tsx) {
                status = pjsip_inv_answer(session->inv_session, 200, NULL, NULL, &packet);
+       } else {
+               ast_log(LOG_ERROR,"Cannot answer '%s' because there is no associated SIP transaction\n",
+                       ast_channel_name(session->channel));
        }
        pjsip_dlg_dec_lock(session->inv_session->dlg);
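Review bot: In the new else branch, status is left at PJ_SUCCESS while packet stays NULL, so the lines shown give the code after pjsip_dlg_dec_lock() no failure signal to act on. Initializing packet to NULL makes the value deterministic, but it only prevents the crash if the later send path either sees a non-success status or checks packet for NULL, and that path is outside this hunk. Consider setting status to an error value inside the else branch so the failure is carried by the return path as well as the log, or confirm that the following code tests packet before sending. Minor style point on the added ast_log() call: add a space after the comma in LOG_ERROR,"Cannot answer ...".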