From: Scott Griepentrog Date: Wed, 26 Feb 2014 19:00:07 +0000 (+0000) Subject: pjsip: avoid edge case potential crash in answer() X-Git-Tag: 12.2.0-rc1~125 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=33d60bed468ead3fb325ac196dfb89485eda0dd5;p=thirdparty%2Fasterisk.git pjsip: avoid edge case potential crash in answer() When accidentally compiling against a wrong version of pjsip headers with a different pjsip_inv_session size, the invite_tsx structure could be null in the answer() function. This led to a crash because it attempted to send the session response with an uninitialized packet pointer. This patch presets packet to null and adds a diagnostic log message to explain why the call fails. Review: https://reviewboard.asterisk.org/r/3267/ git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/12@408970 65c4cc65-6c06-0410-ace0-fbb531ad65f3 --- diff --git a/channels/chan_pjsip.c b/channels/chan_pjsip.c index af0496a900..e324b3347c 100644 --- a/channels/chan_pjsip.c +++ b/channels/chan_pjsip.c @@ -438,12 +438,15 @@ static struct ast_channel *chan_pjsip_new(struct ast_sip_session *session, int s static int answer(void *data) { pj_status_t status = PJ_SUCCESS; - pjsip_tx_data *packet; + pjsip_tx_data *packet = NULL; struct ast_sip_session *session = data; pjsip_dlg_inc_lock(session->inv_session->dlg); if (session->inv_session->invite_tsx) { status = pjsip_inv_answer(session->inv_session, 200, NULL, NULL, &packet); + } else { + ast_log(LOG_ERROR,"Cannot answer '%s' because there is no associated SIP transaction\n", + ast_channel_name(session->channel)); } pjsip_dlg_dec_lock(session->inv_session->dlg);