It is currently possible for an ast_sip_session to exist without an
associated channel as is the case when a new invite is coming in or
just after a hangup is issued on a chan_pjsip channel. Part of the
attended transfer code assumed the channel would be non-NULL and used
it as such causing a crash. This bug was exposed thanks to the attended
transfer ARI test in the test suite.
(closes issue ASTERISK-23287)
Reported by: Matt Jordan
........
Merged revisions 408941 from http://svn.asterisk.org/svn/asterisk/branches/12
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@408942
65c4cc65-6c06-0410-ace0-
fbb531ad65f3
RAII_VAR(struct refer_attended *, attended, data, ao2_cleanup);
int response = 0;
+ if (!attended->transferer_second->channel) {
+ return -1;
+ }
+
ast_debug(3, "Performing a REFER attended transfer - Transferer #1: %s Transferer #2: %s\n",
ast_channel_name(attended->transferer_chan), ast_channel_name(attended->transferer_second->channel));
projects / asterisk/asterisk.git / commitdiff