res_pjsip_session: Do not call session supplements when it's too late.

res_pjsip_sesssion was hooking into transaction and invite state
changes. One of the reasons for doing so was due to the
PJSIP_EVENT_TX_MSG event. The idea was that we were hooking into the
message sending process, and so we should call session supplements to
alter the outgoing message.

In reality, this event was meant to indicate that the message either
a) had already been sent, or
b) required a DNS lookup and would be sent when the DNS query
completed.

In case (a), this meant we were altering an already-sent
request/response for no reason. In case (b), this potentially meant we
could be trying to alter a request/response at the same time that the
DNS resolution completed. In this case, it meant we might be stomping on
memory being used by the thread actually sending the message. This
caused potential crashes and memory corruption.

This patch removes the calls to session supplements from the case where
the PJSIP_EVENT_TX_MSG event occurs. In all of these cases, trying to
alter the message at this point is too late, and it can cause nothing
but harm to try to do it. Because there were no longer any calls to the
handle_outgoing() function, it has been removed.

Change-Id: Ibcc223fb1c3a237927f38754e0429e80ee301e92
(cherry picked from commit e043d1a55cf356066b3b39ebac8b4bbb612ce807)

diff --git a/res/res_pjsip_session.c b/res/res_pjsip_session.c
index c04d019939a04d4d419be3d9659d5a2615b5452a..4425ec86f209d798ab904bba4e04cfa1de48fc8b 100644 (file)
--- a/res/res_pjsip_session.c
+++ b/res/res_pjsip_session.c
@@ -60,7 +60,6 @@ static int handle_incoming(struct ast_sip_session *session, pjsip_rx_data *rdata
                enum ast_sip_session_response_priority response_priority);
 static void handle_outgoing_request(struct ast_sip_session *session, pjsip_tx_data *tdata);
 static void handle_outgoing_response(struct ast_sip_session *session, pjsip_tx_data *tdata);
-static void handle_outgoing(struct ast_sip_session *session, pjsip_tx_data *tdata);
 
 /*! \brief NAT hook for modifying outgoing messages with SDP */
 static struct ast_sip_nat_hook *nat_hook;
@@ -2436,17 +2435,6 @@ static void handle_outgoing_response(struct ast_sip_session *session, pjsip_tx_d
        }
 }
 
-static void handle_outgoing(struct ast_sip_session *session, pjsip_tx_data *tdata)
-{
-       ast_debug(3, "Sending %s\n", tdata->msg->type == PJSIP_REQUEST_MSG ?
-                       "request" : "response");
-       if (tdata->msg->type == PJSIP_REQUEST_MSG) {
-               handle_outgoing_request(session, tdata);
-       } else {
-               handle_outgoing_response(session, tdata);
-       }
-}
-
 static void session_end(struct ast_sip_session *session)
 {
        struct ast_sip_session_supplement *iter;
@@ -2502,7 +2490,6 @@ static void session_inv_on_state_changed(pjsip_inv_session *inv, pjsip_event *e)
 
        switch(type) {
        case PJSIP_EVENT_TX_MSG:
-               handle_outgoing(session, e->body.tx_msg.tdata);
                break;
        case PJSIP_EVENT_RX_MSG:
                handle_incoming(session, e->body.rx_msg.rdata, type,
@@ -2513,7 +2500,6 @@ static void session_inv_on_state_changed(pjsip_inv_session *inv, pjsip_event *e)
                /* Transaction state changes are prompted by some other underlying event. */
                switch(e->body.tsx_state.type) {
                case PJSIP_EVENT_TX_MSG:
-                       handle_outgoing(session, e->body.tsx_state.src.tdata);
                        break;
                case PJSIP_EVENT_RX_MSG:
                        handle_incoming(session, e->body.tsx_state.src.rdata, type,
@@ -2559,7 +2545,6 @@ static void session_inv_on_tsx_state_changed(pjsip_inv_session *inv, pjsip_trans
        }
        switch (e->body.tsx_state.type) {
        case PJSIP_EVENT_TX_MSG:
-               handle_outgoing(session, e->body.tsx_state.src.tdata);
                /* When we create an outgoing request, we do not have access to the transaction that
                 * is created. Instead, We have to place transaction-specific data in the tdata. Here,
                 * we transfer the data into the transaction. This way, when we receive a response, we