Merged revisions 114063 via svnmerge from

https://origsvn.digium.com/svn/asterisk/branches/1.4

........
r114063 | mmichelson | 2008-04-11 10:44:28 -0500 (Fri, 11 Apr 2008) | 11 lines

Fix a race condition that may happen between a sip hangup
and a "core show channel" command. This patch adds locking
to prevent the resulting crash.

(closes issue #12155)
Reported by: tsearle
Patches:
      show_channels_crash2.patch uploaded by tsearle (license 373)
Tested by: tsearle

........

git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@114064 65c4cc65-6c06-0410-ace0-fbb531ad65f3

diff --git a/main/features.c b/main/features.c
index 99bf768..089f27a 100644 (file)
--- a/main/features.c
+++ b/main/features.c
@@ -2098,6 +2098,7 @@ int ast_bridge_call(struct ast_channel *chan,struct ast_channel *peer,struct ast
        bridge_cdr = ast_cdr_alloc();
        if (bridge_cdr) {
                if (chan->cdr && peer->cdr) { /* both of them? merge */
+                       ast_channel_lock(chan); /* lock the channel before modifying cdrs */
                        ast_cdr_init(bridge_cdr,chan); /* seems more logicaller to use the  destination as a base, but, really, it's random */
                        ast_cdr_start(bridge_cdr); /* now is the time to start */
                        
@@ -2106,14 +2107,22 @@ int ast_bridge_call(struct ast_channel *chan,struct ast_channel *peer,struct ast
                        if (!ast_test_flag(chan->cdr, AST_CDR_FLAG_LOCKED))
                                ast_cdr_discard(chan->cdr); /* if locked cdrs are in chan, they are taken over in the merge */
                        
+                       chan->cdr = NULL;
+                       ast_channel_unlock(chan);
                        /* absorb the peer cdr */
+                       ast_channel_lock(peer);
                        ast_cdr_merge(bridge_cdr, peer->cdr);
                        if (!ast_test_flag(peer->cdr, AST_CDR_FLAG_LOCKED))
                                ast_cdr_discard(peer->cdr); /* if locked cdrs are in peer, they are taken over in the merge */
                        
-                       peer->cdr = NULL;
+                       peer->cdr = NULL; /* remove pointer to freed memory before releasing the lock */
+                       ast_channel_unlock(peer);
+
+                       ast_channel_lock(chan);
                        chan->cdr = bridge_cdr; /* make this available to the rest of the world via the chan while the call is in progress */
+                       ast_channel_unlock(chan);
                } else if (chan->cdr) {
+                       ast_channel_lock(chan); /* Lock before modifying CDR */
                        /* take the cdr from the channel - literally */
                        ast_cdr_init(bridge_cdr,chan);
                        /* absorb this data */
@@ -2121,7 +2130,9 @@ int ast_bridge_call(struct ast_channel *chan,struct ast_channel *peer,struct ast
                        if (!ast_test_flag(chan->cdr, AST_CDR_FLAG_LOCKED))
                                ast_cdr_discard(chan->cdr); /* if locked cdrs are in chan, they are taken over in the merge */
                        chan->cdr = bridge_cdr; /* make this available to the rest of the world via the chan while the call is in progress */
+                       ast_channel_unlock(chan);
                } else if (peer->cdr) {
+                       ast_channel_lock(peer); /* Lock before modifying CDR */
                        /* take the cdr from the peer - literally */
                        ast_cdr_init(bridge_cdr,peer);
                        /* absorb this data */
@@ -2130,10 +2141,13 @@ int ast_bridge_call(struct ast_channel *chan,struct ast_channel *peer,struct ast
                                ast_cdr_discard(peer->cdr); /* if locked cdrs are in chan, they are taken over in the merge */
                        peer->cdr = NULL;
                        peer->cdr = bridge_cdr; /* make this available to the rest of the world via the chan while the call is in progress */
+                       ast_channel_unlock(peer);
                } else {
+                       ast_channel_lock(chan); /* Lock before modifying CDR */
                        /* make up a new cdr */
                        ast_cdr_init(bridge_cdr,chan); /* eh, just pick one of them */
                        chan->cdr = bridge_cdr; /*  */
+                       ast_channel_unlock(chan);
                }
                if (ast_strlen_zero(bridge_cdr->dstchannel)) {
                        if (strcmp(bridge_cdr->channel, peer->name) != 0)