Changeset 6160 for pjproject

Timestamp:

Feb 7, 2020 8:20:56 AM (4 years ago)

Author:

ming

Message:

Re #2264: Fixed crash if pjsua_var.acc[acc_id].regc is NULL
Note that the regc instance itself hasn't been destroyed since the refcount has been incremented, but acc->regc can already be NULL-ed.

File:

• pjproject/trunk/pjsip/src/pjsua-lib/pjsua_acc.c (modified) (2 diffs)

pjproject/trunk/pjsip/src/pjsua-lib/pjsua_acc.c

@@ -2762 +2762 @@
 
     if (status == PJ_SUCCESS) {
+        pjsip_regc *regc = pjsua_var.acc[acc_id].regc;
+
         if (pjsua_var.acc[acc_id].cfg.allow_via_rewrite &&
             pjsua_var.acc[acc_id].via_addr.host.slen > 0)
@@ -2782 +2784 @@
          * deadlock while making sure that regc won't be destroyed.
          */
-        pjsip_regc_add_ref(pjsua_var.acc[acc_id].regc);
+        pjsip_regc_add_ref(regc);
         PJSUA_UNLOCK();
         
         //pjsua_process_msg_data(tdata, NULL);
-        status = pjsip_regc_send( pjsua_var.acc[acc_id].regc, tdata );
+        status = pjsip_regc_send( regc, tdata );
         
         PJSUA_LOCK();
-        if (pjsip_regc_dec_ref(pjsua_var.acc[acc_id].regc) == PJ_EGONE) {
+        if (pjsip_regc_dec_ref(regc) == PJ_EGONE) {
             /* regc has been deleted. */
             goto on_return;