res_pjsip_session: segfault on already disconnected session

On heavy loaded system the TCP/TLS incoming calls could be disconnected by pjproject while these calls are being processed by asterisk which could use the session's memory pools. If the session in the disconnected state then the session memory pools were already freed, so we get segfault. This patch adds a lifetime control on an INVITE session to pjproject. The lifetime of the session is manipulated by calling pjsip_inv_add_ref/pjsip_inv_dec_ref. This patch uses these functions to inform pjproject that the session is in use. This patch adds check if the session state is not disconnected and also checks if the memory pool is not NULL. This patch also places tasks 'session_end' and 'session_end_completion' into session's serializer to avoid race condition. ASTERISK-26291 #close Change-Id: I4d28b1fb3b91f0492a911d110049d670fdc3c8d7
2025-10-12 15:45:18 +00:00 · 2016-08-18 15:45:59 -04:00
parent cab6975b02
commit 9bca895469
6 changed files with 403 additions and 9 deletions
--- a/third-party/pjproject/configure.m4
+++ b/third-party/pjproject/configure.m4
@@ -45,4 +45,5 @@ AC_DEFUN([PJPROJECT_CONFIGURE],
 	PJPROJECT_SYMBOL_CHECK([PJSIP_EXTERNAL_RESOLVER], [pjsip_endpt_set_ext_resolver], [pjsip.h])
 	AC_DEFINE([HAVE_PJSIP_TLS_TRANSPORT_PROTO], 1, [Define if your system has PJSIP_TLS_TRANSPORT_PROTO])
 	AC_DEFINE([HAVE_PJSIP_EVSUB_GRP_LOCK], 1, [Define if your system has PJSIP_EVSUB_GRP_LOCK])
+	AC_DEFINE([HAVE_PJSIP_INV_SESSION_REF], 1, [Define if your system has PJSIP_INV_SESSION_REF])
 ])