![(please configure the [header_logo] section in trac.ini)](/repos/chrome/site/pj.jpg)
Opened 12 years ago
Closed 12 years ago
#1497 closed defect (fixed)
Crash in pjsua destroy after an incoming call rejected with session timer too small
| Reported by: | nanang | Owned by: | bennylp |
|---|---|---|---|
| Priority: | normal | Milestone: | release-2.0-rc |
| Component: | pjsua-lib | Version: | trunk |
| Keywords: | Cc: | ||
| Backport to 1.x milestone: | Backported: |
Description
The call is terminated prematurely (before 100 response is sent), in a normal way (remote session timer value is too small than the minimum value specified), but call->inv pointer is not resetted to NULL. When pjsua is being destroyed, any access to the bad pointer call->inv, e.g: by pjsua_call_hangup_all(), will trigger crash.
Reproducible with python test scripts-sendto\174_timer_se_too_small.py.
Change History (1)
comment:1 Changed 12 years ago by nanang
- Resolution set to fixed
- Status changed from new to closed
Note: See
TracTickets for help on using
tickets.
(In [4102]) Fix #1497: reset call->inv to NULL whenever call is terminated prematurely (before completely attached to pjsua).