Merged revisions 154365 via svnmerge from

https://origsvn.digium.com/svn/asterisk/branches/1.4

........
  r154365 | tilghman | 2008-11-04 14:49:33 -0600 (Tue, 04 Nov 2008) | 9 lines

  On busy systems, it's possible for the values checked within a single line
  of code to change, unless the structure is locked to ensure a consistent
  state.
  (closes issue #13717)
   Reported by: kowalma
   Patches:
         20081102__bug13717.diff.txt uploaded by Corydon76 (license 14)
   Tested by: kowalma
........

git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@154366 65c4cc65-6c06-0410-ace0-fbb531ad65f3

diff --git a/channels/chan_iax2.c b/channels/chan_iax2.c
index da590ee..9f3e618 100644 (file)
--- a/channels/chan_iax2.c
+++ b/channels/chan_iax2.c
@@ -1785,12 +1785,21 @@ static int __find_callno(unsigned short callno, unsigned short dcallno, struct s
 
                /* This will occur on the first response to a message that we initiated,
                 * such as a PING. */
+               if (dcallno) {
+                       ast_mutex_lock(&iaxsl[dcallno]);
+               }
                if (callno && dcallno && iaxs[dcallno] && !iaxs[dcallno]->peercallno && match(sin, callno, dcallno, iaxs[dcallno], check_dcallno)) {
                        iaxs[dcallno]->peercallno = callno;
                        res = dcallno;
                        store_by_peercallno(iaxs[dcallno]);
+                       if (!res || !return_locked) {
+                               ast_mutex_unlock(&iaxsl[dcallno]);
+                       }
                        return res;
                }
+               if (dcallno) {
+                       ast_mutex_unlock(&iaxsl[dcallno]);
+               }
 
 #ifdef IAX_OLD_FIND
                /* If we get here, we SHOULD NOT find a call structure for this