kenmirrors/asterisk
1
0
Fork 0
mirror of https://github.com/asterisk/asterisk.git synced 2025-10-31 18:55:19 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
debaf377be3337cc9e3ca81a0c7b555eaa7f78ec
asterisk/third-party/pjproject/patches/0006-r5477-svn-backport-Fix-DNS-write-on-freed-memory.patch
Richard Mudgett afecb2cfc0 bundled pjproject: Fix DNS write to freed memory. 
PJPROJECT 2.5.5 introduced a race condition with the -r5349 IPv6 DNS
patch.

The patch below fixes a write to freed memory under cartain DNS lookup
conditions.

0006-r5477-svn-backport-Fix-DNS-write-on-freed-memory.patch

ASTERISK-26516
Reported by:  Richard Mudgett

Change-Id: Ifdfae9ecf1e41b53080f33aab44ce1a220f349c5
2016-11-01 14:35:22 -05:00

34 lines
1.1 KiB
Diff
Raw Blame History

From 732a997010d60fe93a7453e809672386749b0afc Mon Sep 17 00:00:00 2001
From: Richard Mudgett <rmudgett@digium.com>
Date: Tue, 1 Nov 2016 12:55:31 -0500
Subject: [PATCH] r5477 svn backport Fix DNS write on freed memory.
Re #1974: Fix DNS write on freed memory.
Thanks to Richard Mudgett for the patch.
---
pjlib-util/src/pjlib-util/resolver.c | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/pjlib-util/src/pjlib-util/resolver.c b/pjlib-util/src/pjlib-util/resolver.c
index 52b7655..365772e 100644
--- a/pjlib-util/src/pjlib-util/resolver.c
+++ b/pjlib-util/src/pjlib-util/resolver.c
@@ -908,7 +908,13 @@ PJ_DEF(pj_status_t) pj_dns_resolver_start_query( pj_dns_resolver *resolver,
/* Must return PJ_SUCCESS */
status = PJ_SUCCESS;
- goto on_return;
+ /*
+ * We cannot write to *p_query after calling cb because what
+ * p_query points to may have been freed by cb.
+ * Refer to ticket #1974.
+ */
+ pj_mutex_unlock(resolver->mutex);
+ return status;
}
/* At this point, we have a cached entry, but this entry has expired.
--
1.7.9.5
Reference in New Issue View Git Blame Copy Permalink