Changeset 3031


Ignore:
Timestamp:
Dec 10, 2009 5:16:23 AM (11 years ago)
Author:
bennylp
Message:

Ticket #1002: Crash when adding/removing buddies (thanks Nikolay Popok and Robert Cichielo for the reports)

  • the timer associated with a buddy is not removed when buddy is deleted, causing crash later on in timer heap. Fixed.
  • when fails to send the initial SUBSCRIBE request, the dialog associated with buddy subscription will have been destroyed in the callback, causing any subsequent "pjsip_dlg_dec_lock(buddy->dlg)" call to crash. Fixed by protecting the call with "if (buddy->dlg)".
Location:
pjproject/trunk/pjsip/src
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • pjproject/trunk/pjsip/src/pjsip/sip_dialog.c

    r2936 r3031  
    855855PJ_DEF(void) pjsip_dlg_dec_lock(pjsip_dialog *dlg) 
    856856{ 
     857    PJ_ASSERT_ON_FAIL(dlg!=NULL, return); 
     858 
    857859    PJ_LOG(6,(dlg->obj_name, "Entering pjsip_dlg_dec_lock(), sess_count=%d",  
    858860              dlg->sess_count)); 
  • pjproject/trunk/pjsip/src/pjsua-lib/pjsua_pres.c

    r3021 r3031  
    508508    pjsua_var.buddy[buddy_id].uri.slen = 0; 
    509509    pjsua_var.buddy_cnt--; 
     510 
     511    /* Clear timer */ 
     512    if (pjsua_var.buddy[buddy_id].timer.id) { 
     513        pjsua_cancel_timer(&pjsua_var.buddy[buddy_id].timer); 
     514        pjsua_var.buddy[buddy_id].timer.id = PJ_FALSE; 
     515    } 
    510516 
    511517    /* Reset buddy struct */ 
     
    17291735         * referencing it 
    17301736         */ 
    1731         pjsip_dlg_dec_lock(buddy->dlg); 
     1737        if (buddy->dlg) pjsip_dlg_dec_lock(buddy->dlg); 
    17321738        if (tmp_pool) pj_pool_release(tmp_pool); 
    17331739        return; 
     
    17621768    status = pjsip_pres_initiate(buddy->sub, -1, &tdata); 
    17631769    if (status != PJ_SUCCESS) { 
    1764         pjsip_dlg_dec_lock(buddy->dlg); 
     1770        if (buddy->dlg) pjsip_dlg_dec_lock(buddy->dlg); 
    17651771        if (buddy->sub) { 
    17661772            pjsip_pres_terminate(buddy->sub, PJ_FALSE); 
     
    17771783    status = pjsip_pres_send_request(buddy->sub, tdata); 
    17781784    if (status != PJ_SUCCESS) { 
    1779         pjsip_dlg_dec_lock(buddy->dlg); 
     1785        if (buddy->dlg) pjsip_dlg_dec_lock(buddy->dlg); 
    17801786        if (buddy->sub) { 
    17811787            pjsip_pres_terminate(buddy->sub, PJ_FALSE); 
     
    20102016        pjsua_perror(THIS_FILE, "Error creating MWI subscription", status); 
    20112017        if (tmp_pool) pj_pool_release(tmp_pool); 
    2012         pjsip_dlg_dec_lock(acc->mwi_dlg); 
     2018        if (acc->mwi_dlg) pjsip_dlg_dec_lock(acc->mwi_dlg); 
    20132019        return; 
    20142020    } 
     
    20422048    status = pjsip_mwi_initiate(acc->mwi_sub, -1, &tdata); 
    20432049    if (status != PJ_SUCCESS) { 
    2044         pjsip_dlg_dec_lock(acc->mwi_dlg); 
     2050        if (acc->mwi_dlg) pjsip_dlg_dec_lock(acc->mwi_dlg); 
    20452051        if (acc->mwi_sub) { 
    20462052            pjsip_pres_terminate(acc->mwi_sub, PJ_FALSE); 
     
    20582064    status = pjsip_pres_send_request(acc->mwi_sub, tdata); 
    20592065    if (status != PJ_SUCCESS) { 
    2060         pjsip_dlg_dec_lock(acc->mwi_dlg); 
     2066        if (acc->mwi_dlg) pjsip_dlg_dec_lock(acc->mwi_dlg); 
    20612067        if (acc->mwi_sub) { 
    20622068            pjsip_pres_terminate(acc->mwi_sub, PJ_FALSE); 
Note: See TracChangeset for help on using the changeset viewer.