sipwise
/
kamailio
mirror of https://github.com/sipwise/kamailio.git
1
0
Fork 0
Code Issues Releases Wiki Activity

MT#12987 debian: remove 4.1 patches from upstream already merged

Browse Source 
Change-Id: Ia0330d3ba8d89515135760c97cbed03f9437f05e
vseva/12691
Victor Seva 10 years ago
parent 50945583f1
commit 8f5a085584
11 changed files with 2 additions and 941 deletions
Show Stats Download Patch File Download Diff File

14
debian/patches/series vendored
Unescape View File

@ -16,17 +16,8 @@ upstream/0006-textops-fix-append_body_part.patch
upstream/core-new-internal-msg-flag-added-FL_RR_ADDED.patch
upstream/rr-use-internal-msg-flags-to-mark-a-request-with-rec.patch
# 4.1 upstream fixes
upstream/0001-exec-safety-check-against-bash-vulnerability-CVE-201.patch
upstream/0002-exec-add-parameter-to-control-the-option-for-bash-ex.patch
upstream/0004-dialog-set-again-the-dialog-ids-in-context-for-BYE-p.patch
upstream/0005-dialog-fixed-typo-copy-paste-oversight-to-dlg-pointe.patch
upstream/0006-core-helper-functions-to-get-addr-and-port-to-be-use.patch
upstream/0007-tm-use-advertised-addr-port-if-set-for-socket-in-rm-.patch
upstream/0008-mohqueue-fixed-db_qtable-parameter-name.patch
upstream/0009-rr-Fix-memory-leak-when-using-outbound.patch
upstream/0010-core-xavp-Fix-xavp_insert-to-prevent-corrupted-linke.patch
#
# fixes from master that are not in 4.2
upstream/0011-tm-safety-catch-inside-t_check_trans-when-already-in.patch
upstream/0012-tm-handle-BRANCH_FAILURE_ROUTE-in-t_check_trans-test.patch
#
no_lib64_on_64_bits.patch
@ -47,6 +38,5 @@ sipwise/rtpengine-compatibility.patch
sipwise/db_postgres-timeout
sipwise/usrloc_dbro.patch
sipwise/nathelper_socket_filter.patch
# testing
sipwise/0001-usrloc-db_update_addr-WHERE-columns-at-UPDATE-query-.patch
# backport from master
upstream/0001-nathelper-add-append_sdp_oldmediaip-parameter.patch

297
debian/patches/sipwise/0001-usrloc-db_update_addr-WHERE-columns-at-UPDATE-query-.patch vendored
Unescape View File

@ -1,297 +0,0 @@
From face0736ac2f1b037c3de2d701957b4f16208050 Mon Sep 17 00:00:00 2001
From: Victor Seva <linuxmaniac@torreviejawireless.org>
Date: Mon, 24 Nov 2014 14:48:16 +0100
Subject: [PATCH] usrloc: db_update_addr WHERE columns at UPDATE query
depending on matching_mode option
---
modules/usrloc/ucontact.c | 184 +++++++++++++++++++++++++++++-----------------
1 file changed, 118 insertions(+), 66 deletions(-)
--- a/modules/usrloc/ucontact.c
+++ b/modules/usrloc/ucontact.c
@@ -650,33 +650,17 @@
char* dom;
db_key_t keys1[4];
db_val_t vals1[4];
- int n1;
+ int n1 = 0;
- db_key_t keys2[15];
- db_val_t vals2[15];
- int nr_cols2;
+ db_key_t keys2[16];
+ db_val_t vals2[16];
+ int nr_cols2 = 0;
if (_c->flags & FL_MEM) {
return 0;
}
- keys2[0] = &expires_col;
- keys2[1] = &q_col;
- keys2[2] = &cseq_col;
- keys2[3] = &flags_col;
- keys2[4] = &cflags_col;
- keys2[5] = &user_agent_col;
- keys2[6] = &received_col;
- keys2[7] = &path_col;
- keys2[8] = &sock_col;
- keys2[9] = &methods_col;
- keys2[10] = &last_mod_col;
- keys2[11] = &ruid_col;
- keys2[12] = &instance_col;
- keys2[13] = &reg_id_col;
-
- n1 = 0;
keys1[n1] = &user_col;
vals1[n1].type = DB1_STR;
vals1[n1].nul = 0;
@@ -691,74 +675,140 @@
LM_DBG("contact:%.*s\n", vals1[n1].val.str_val.len, vals1[n1].val.str_val.s);
n1++;
- keys1[n1] = &callid_col;
- vals1[n1].type = DB1_STR;
- vals1[n1].nul = 0;
- vals1[n1].val.str_val = _c->callid;
- LM_DBG("callid:%.*s\n", vals1[n1].val.str_val.len, vals1[n1].val.str_val.s);
- n1++;
+ switch (matching_mode) {
+ case CONTACT_ONLY:
+ /* update call-id */
+ keys2[nr_cols2] = &callid_col;
+ vals2[nr_cols2].type = DB1_STR;
+ vals2[nr_cols2].nul = 0;
+ vals2[nr_cols2].val.str_val = _c->callid;
+ nr_cols2++;
+ /* update path */
+ keys2[nr_cols2] = &path_col;
+ vals2[nr_cols2].type = DB1_STR;
+ if (_c->path.s == 0) {
+ vals2[nr_cols2].nul = 1;
+ } else {
+ vals2[nr_cols2].nul = 0;
+ vals2[nr_cols2].val.str_val = _c->path;
+ }
+ nr_cols2++;
+ break;
+ case CONTACT_CALLID:
+ keys1[n1] = &callid_col;
+ vals1[n1].type = DB1_STR;
+ vals1[n1].nul = 0;
+ vals1[n1].val.str_val = _c->callid;
+ LM_DBG("callid:%.*s\n", vals1[n1].val.str_val.len, vals1[n1].val.str_val.s);
+ n1++;
+ /* update path */
+ keys2[nr_cols2] = &path_col;
+ vals2[nr_cols2].type = DB1_STR;
+ if (_c->path.s == 0) {
+ vals2[nr_cols2].nul = 1;
+ } else {
+ vals2[nr_cols2].nul = 0;
+ vals2[nr_cols2].val.str_val = _c->path;
+ }
+ nr_cols2++;
+ break;
+ case CONTACT_PATH:
+ keys1[n1] = &path_col;
+ vals1[n1].type = DB1_STR;
+ if (_c->path.s == 0) {
+ vals1[n1].nul = 1;
+ LM_DBG("path: NULL\n");
+ } else {
+ vals1[n1].nul = 0;
+ vals1[n1].val.str_val = _c->path;
+ LM_DBG("path:%.*s\n", vals1[n1].val.str_val.len, vals1[n1].val.str_val.s);
+ }
+ n1++;
+ /* update call-id */
+ keys2[nr_cols2] = &callid_col;
+ vals2[nr_cols2].type = DB1_STR;
+ vals2[nr_cols2].nul = 0;
+ vals2[nr_cols2].val.str_val = _c->callid;
+ nr_cols2++;
+ break;
+ default:
+ LM_CRIT("unknown matching_mode %d\n", matching_mode);
+ return -1;
+ }
+
+ keys2[nr_cols2] = &expires_col;
+ vals2[nr_cols2].type = DB1_DATETIME;
+ vals2[nr_cols2].nul = 0;
+ vals2[nr_cols2].val.time_val = _c->expires;
+ nr_cols2++;
+
+ keys2[nr_cols2] = &q_col;
+ vals2[nr_cols2].type = DB1_DOUBLE;
+ vals2[nr_cols2].nul = 0;
+ vals2[nr_cols2].val.double_val = q2double(_c->q);
+ nr_cols2++;
+
+ keys2[nr_cols2] = &cseq_col;
+ vals2[nr_cols2].type = DB1_INT;
+ vals2[nr_cols2].nul = 0;
+ vals2[nr_cols2].val.int_val = _c->cseq;
+ nr_cols2++;
+
+ keys2[nr_cols2] = &flags_col;
+ vals2[nr_cols2].type = DB1_INT;
+ vals2[nr_cols2].nul = 0;
+ vals2[nr_cols2].val.bitmap_val = _c->flags;
+ nr_cols2++;
- vals2[0].type = DB1_DATETIME;
- vals2[0].nul = 0;
- vals2[0].val.time_val = _c->expires;
-
- vals2[1].type = DB1_DOUBLE;
- vals2[1].nul = 0;
- vals2[1].val.double_val = q2double(_c->q);
-
- vals2[2].type = DB1_INT;
- vals2[2].nul = 0;
- vals2[2].val.int_val = _c->cseq;
-
- vals2[3].type = DB1_INT;
- vals2[3].nul = 0;
- vals2[3].val.bitmap_val = _c->flags;
-
- vals2[4].type = DB1_INT;
- vals2[4].nul = 0;
- vals2[4].val.bitmap_val = _c->cflags;
-
- vals2[5].type = DB1_STR;
- vals2[5].nul = 0;
- vals2[5].val.str_val = _c->user_agent;
+ keys2[nr_cols2] = &cflags_col;
+ vals2[nr_cols2].type = DB1_INT;
+ vals2[nr_cols2].nul = 0;
+ vals2[nr_cols2].val.bitmap_val = _c->cflags;
+ nr_cols2++;
+
+ keys2[nr_cols2] = &user_agent_col;
+ vals2[nr_cols2].type = DB1_STR;
+ vals2[nr_cols2].nul = 0;
+ vals2[nr_cols2].val.str_val = _c->user_agent;
+ nr_cols2++;
- vals2[6].type = DB1_STR;
+ keys2[nr_cols2] = &received_col;
+ vals2[nr_cols2].type = DB1_STR;
if (_c->received.s == 0) {
- vals2[6].nul = 1;
- } else {
- vals2[6].nul = 0;
- vals2[6].val.str_val = _c->received;
- }
-
- vals2[7].type = DB1_STR;
- if (_c->path.s == 0) {
- vals2[7].nul = 1;
+ vals2[nr_cols2].nul = 1;
} else {
- vals2[7].nul = 0;
- vals2[7].val.str_val = _c->path;
+ vals2[nr_cols2].nul = 0;
+ vals2[nr_cols2].val.str_val = _c->received;
}
+ nr_cols2++;
- vals2[8].type = DB1_STR;
+ keys2[nr_cols2] = &sock_col;
+ vals2[nr_cols2].type = DB1_STR;
if (_c->sock) {
- vals2[8].val.str_val = _c->sock->sock_str;
- vals2[8].nul = 0;
+ vals2[nr_cols2].val.str_val = _c->sock->sock_str;
+ vals2[nr_cols2].nul = 0;
} else {
- vals2[8].nul = 1;
+ vals2[nr_cols2].nul = 1;
}
+ nr_cols2++;
- vals2[9].type = DB1_BITMAP;
+ keys2[nr_cols2] = &methods_col;
+ vals2[nr_cols2].type = DB1_BITMAP;
if (_c->methods == 0xFFFFFFFF) {
- vals2[9].nul = 1;
+ vals2[nr_cols2].nul = 1;
} else {
- vals2[9].val.bitmap_val = _c->methods;
- vals2[9].nul = 0;
+ vals2[nr_cols2].val.bitmap_val = _c->methods;
+ vals2[nr_cols2].nul = 0;
}
+ nr_cols2++;
- vals2[10].type = DB1_DATETIME;
- vals2[10].nul = 0;
- vals2[10].val.time_val = _c->last_modified;
+ keys2[nr_cols2] = &last_mod_col;
+ vals2[nr_cols2].type = DB1_DATETIME;
+ vals2[nr_cols2].nul = 0;
+ vals2[nr_cols2].val.time_val = _c->last_modified;
+ nr_cols2++;
- nr_cols2 = 11;
+ keys2[nr_cols2] = &ruid_col;
if(_c->ruid.len>0)
{
vals2[nr_cols2].type = DB1_STR;
@@ -769,6 +819,7 @@
}
nr_cols2++;
+ keys2[nr_cols2] = &instance_col;
if(_c->instance.len>0)
{
vals2[nr_cols2].type = DB1_STR;
@@ -779,6 +830,7 @@
}
nr_cols2++;
+ keys2[nr_cols2] = &reg_id_col;
vals2[nr_cols2].type = DB1_INT;
vals2[nr_cols2].nul = 0;
vals2[nr_cols2].val.int_val = (int)_c->reg_id;
@@ -1300,11 +1352,31 @@
vals[n].val.str_val = _c->c;
n++;
- keys[n] = &callid_col;
- vals[n].type = DB1_STR;
- vals[n].nul = 0;
- vals[n].val.str_val = _c->callid;
- n++;
+ switch (matching_mode) {
+ case CONTACT_ONLY:
+ break;
+ case CONTACT_CALLID:
+ keys[n] = &callid_col;
+ vals[n].type = DB1_STR;
+ vals[n].nul = 0;
+ vals[n].val.str_val = _c->callid;
+ n++;
+ break;
+ case CONTACT_PATH:
+ keys[n] = &path_col;
+ vals[n].type = DB1_STR;
+ if (_c->path.s == 0) {
+ vals[n].nul = 1;
+ } else {
+ vals[n].nul = 0;
+ vals[n].val.str_val = _c->path;
+ }
+ n++;
+ break;
+ default:
+ LM_CRIT("unknown matching_mode %d\n", matching_mode);
+ return -1;
+ }
if (use_domain) {
keys[n] = &domain_col;

44
debian/patches/upstream/0001-exec-safety-check-against-bash-vulnerability-CVE-201.patch vendored
Unescape View File

@ -1,44 +0,0 @@
From aebd010ee1ebff8a70877164fb7b508c1ca5503d Mon Sep 17 00:00:00 2001
From: Seudin Kasumovic <seudin.kasumovic@gmail.com>
Date: Thu, 25 Sep 2014 16:56:28 +0200
Subject: [PATCH] exec: safety check against bash vulnerability CVE-2014-6271
(cherry picked from commit d5d57c0df931c9d60432def919c837cc76e4ce42)
---
modules/exec/exec_hf.c | 18 ++++++++++++++----
1 file changed, 14 insertions(+), 4 deletions(-)
diff --git a/modules/exec/exec_hf.c b/modules/exec/exec_hf.c
index 3bc761b..d336070 100644
--- a/modules/exec/exec_hf.c
+++ b/modules/exec/exec_hf.c
@@ -256,12 +256,22 @@ static int print_hf_var(struct hf_wrapper *w, int offset)
memcpy(envvar, w->prefix, w->prefix_len); c=envvar+w->prefix_len;
memcpy(c, hname, hlen ); c+=hlen;
*c=EV_ASSIGN;c++;
- memcpy(c, w->u.hf->body.s+offset, w->u.hf->body.len );
- c+=w->u.hf->body.len;
+ if (!strncmp(w->u.hf->body.s,"() {",MIN(w->u.hf->body.len,4))) {
+ memcpy(c, w->u.hf->body.s+offset+2, w->u.hf->body.len-2 );
+ c+=(w->u.hf->body.len-2);
+ } else {
+ memcpy(c, w->u.hf->body.s+offset, w->u.hf->body.len );
+ c+=w->u.hf->body.len;
+ }
for (wi=w->next_same; wi; wi=wi->next_same) {
*c=HF_SEPARATOR;c++;
- memcpy(c, wi->u.hf->body.s+offset, wi->u.hf->body.len );
- c+=wi->u.hf->body.len;
+ if (!strncmp(w->u.hf->body.s,"() {",MIN(w->u.hf->body.len,4))) {
+ memcpy(c, w->u.hf->body.s+offset+2, w->u.hf->body.len-2 );
+ c+=(w->u.hf->body.len-2);
+ } else {
+ memcpy(c, w->u.hf->body.s+offset, w->u.hf->body.len );
+ c+=w->u.hf->body.len;
+ }
}
*c=0; /* zero termination */
LM_DBG("%s\n", envvar );
--
2.1.1

70
debian/patches/upstream/0002-exec-add-parameter-to-control-the-option-for-bash-ex.patch vendored
Unescape View File

@ -1,70 +0,0 @@
From cc40de5865b1758681f97b7d92c1fed533ed7c7f Mon Sep 17 00:00:00 2001
From: Daniel-Constantin Mierla <miconda@gmail.com>
Date: Thu, 25 Sep 2014 16:59:34 +0200
Subject: [PATCH] exec: add parameter to control the option for bash exec
safety check of CVE-2014-6271
- parameter: bash_safety - default is 1 (enabled), set to 0 to disable
- just in case someone needs that kind of header and knows what
he/she does
(cherry picked from commit 21eb073c25b66b110193f1607b93f256f7d9fdfa)
---
modules/exec/exec_hf.c | 6 ++++--
modules/exec/exec_mod.c | 2 ++
2 files changed, 6 insertions(+), 2 deletions(-)
diff --git a/modules/exec/exec_hf.c b/modules/exec/exec_hf.c
index d336070..4fc248d 100644
--- a/modules/exec/exec_hf.c
+++ b/modules/exec/exec_hf.c
@@ -52,6 +52,8 @@
#include "../../char_msg_val.h"
#include "exec_hf.h"
+extern int exec_bash_safety;
+
/* should be environment variables set by header fields ? */
unsigned int setvars=1;
@@ -256,7 +258,7 @@ static int print_hf_var(struct hf_wrapper *w, int offset)
memcpy(envvar, w->prefix, w->prefix_len); c=envvar+w->prefix_len;
memcpy(c, hname, hlen ); c+=hlen;
*c=EV_ASSIGN;c++;
- if (!strncmp(w->u.hf->body.s,"() {",MIN(w->u.hf->body.len,4))) {
+ if (exec_bash_safety && !strncmp(w->u.hf->body.s,"() {",MIN(w->u.hf->body.len,4))) {
memcpy(c, w->u.hf->body.s+offset+2, w->u.hf->body.len-2 );
c+=(w->u.hf->body.len-2);
} else {
@@ -265,7 +267,7 @@ static int print_hf_var(struct hf_wrapper *w, int offset)
}
for (wi=w->next_same; wi; wi=wi->next_same) {
*c=HF_SEPARATOR;c++;
- if (!strncmp(w->u.hf->body.s,"() {",MIN(w->u.hf->body.len,4))) {
+ if (exec_bash_safety && !strncmp(w->u.hf->body.s,"() {",MIN(w->u.hf->body.len,4))) {
memcpy(c, w->u.hf->body.s+offset+2, w->u.hf->body.len-2 );
c+=(w->u.hf->body.len-2);
} else {
diff --git a/modules/exec/exec_mod.c b/modules/exec/exec_mod.c
index 86947c0..547fffb 100644
--- a/modules/exec/exec_mod.c
+++ b/modules/exec/exec_mod.c
@@ -44,6 +44,7 @@
MODULE_VERSION
unsigned int time_to_kill=0;
+int exec_bash_safety=1;
static int mod_init( void );
@@ -77,6 +78,7 @@ static cmd_export_t cmds[] = {
static param_export_t params[] = {
{"time_to_kill", INT_PARAM, &time_to_kill},
{"setvars", INT_PARAM, &setvars },
+ {"bash_safety", INT_PARAM, &exec_bash_safety },
{0, 0, 0}
};
--
2.1.1

28
debian/patches/upstream/0004-dialog-set-again-the-dialog-ids-in-context-for-BYE-p.patch vendored
Unescape View File

@ -1,28 +0,0 @@
From 6f9519b001a608af20787e0cfaf4a3a0d2dfc1fb Mon Sep 17 00:00:00 2001
From: Daniel-Constantin Mierla <miconda@gmail.com>
Date: Wed, 24 Sep 2014 23:46:00 +0200
Subject: [PATCH] dialog: set again the dialog ids in context for BYE
processing
- they can be reset by event route execution
(cherry picked from commit 5b733fa361afced0418947c965b256dbe7ae3a68)
---
modules/dialog/dlg_handlers.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/modules/dialog/dlg_handlers.c b/modules/dialog/dlg_handlers.c
index 45292b3..9ccdfe8 100644
--- a/modules/dialog/dlg_handlers.c
+++ b/modules/dialog/dlg_handlers.c
@@ -1280,6 +1280,7 @@ void dlg_onroute(struct sip_msg* req, str *route_params, void *param)
_dlg_ctx.cpid = my_pid();
_dlg_ctx.expect_t = 1;
+ dlg_set_ctx_iuid(dlg);
if_update_stat( dlg_enable_stats, active_dlgs, -1);
goto done;
--
2.1.1

36
debian/patches/upstream/0005-dialog-fixed-typo-copy-paste-oversight-to-dlg-pointe.patch vendored
Unescape View File

@ -1,36 +0,0 @@
From a8427ce51f8b4a31fa122844db8ceec9c728a1ac Mon Sep 17 00:00:00 2001
From: Daniel-Constantin Mierla <miconda@gmail.com>
Date: Fri, 26 Sep 2014 09:16:39 +0200
Subject: [PATCH] dialog: fixed typo/copy&paste oversight to dlg pointer name
in clean routine
- credits to Alex Balshov for report, troubleshooting and spotting the
fix
(cherry picked from commit 8e6c83182677ec234c5f44c5dfcb40e421a21bcb)
---
modules/dialog/dlg_hash.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/modules/dialog/dlg_hash.c b/modules/dialog/dlg_hash.c
index 8b94b01..4284801 100644
--- a/modules/dialog/dlg_hash.c
+++ b/modules/dialog/dlg_hash.c
@@ -250,11 +250,11 @@ int dlg_clean_run(ticks_t ti)
destroy_dlg(tdlg);
}
if(tdlg->state==DLG_STATE_CONFIRMED_NA && tdlg->start_ts<tm-60) {
- if(update_dlg_timer(&dlg->tl, 10)<0) {
+ if(update_dlg_timer(&tdlg->tl, 10)<0) {
LM_ERR("failed to update dialog lifetime in long non-ack state\n");
}
- dlg->lifetime = 10;
- dlg->dflags |= DLG_FLAG_CHANGED;
+ tdlg->lifetime = 10;
+ tdlg->dflags |= DLG_FLAG_CHANGED;
}
}
lock_set_release(d_table->locks, d_table->entries[i].lock_idx);
--
2.1.1

55
debian/patches/upstream/0006-core-helper-functions-to-get-addr-and-port-to-be-use.patch vendored
Unescape View File

@ -1,55 +0,0 @@
From a52c0024723a59d90c3c3966d5deadaf8b0d4440 Mon Sep 17 00:00:00 2001
From: Daniel-Constantin Mierla <miconda@gmail.com>
Date: Sun, 28 Sep 2014 12:48:53 +0200
Subject: [PATCH] core: helper functions to get addr and port to be used in
signaling from socket info (cherry picked from commit
c725f1dec14863e069bfd1e5c26857a1005528d5)
---
ip_addr.c | 21 +++++++++++++++++++++
ip_addr.h | 2 ++
2 files changed, 23 insertions(+)
diff --git a/ip_addr.c b/ip_addr.c
index 5f8881e..7175bd0 100644
--- a/ip_addr.c
+++ b/ip_addr.c
@@ -404,3 +404,24 @@ int ip_addr_match_net(ip_addr_t *iaddr, ip_addr_t *naddr,
return 0;
return -1;
}
+
+int si_get_signaling_data(struct socket_info *si, str **addr, str **port)
+{
+ if(si==NULL)
+ return -1;
+ if(addr) {
+ if(si->useinfo.name.len>0) {
+ *addr = &si->useinfo.name;
+ } else {
+ *addr = &si->address_str;
+ }
+ }
+ if(port) {
+ if(si->useinfo.port_no>0) {
+ *port = &si->useinfo.port_no_str;
+ } else {
+ *port = &si->port_no_str;
+ }
+ }
+ return 0;
+}
diff --git a/ip_addr.h b/ip_addr.h
index 20b3ec2..5806122 100644
--- a/ip_addr.h
+++ b/ip_addr.h
@@ -807,4 +807,6 @@ inline static void init_dst_from_rcv(struct dest_info* dst,
*/
int ip_addr_match_net(ip_addr_t *iaddr, ip_addr_t *naddr, int mask);
+int si_get_signaling_data(struct socket_info *si, str **addr, str **port);
+
#endif
--
2.1.1

45
debian/patches/upstream/0007-tm-use-advertised-addr-port-if-set-for-socket-in-rm-.patch vendored
Unescape View File

@ -1,45 +0,0 @@
From 88031fe50236f9eb1fc28309fd466e86d8c6b81b Mon Sep 17 00:00:00 2001
From: Daniel-Constantin Mierla <miconda@gmail.com>
Date: Sun, 28 Sep 2014 12:49:27 +0200
Subject: [PATCH] tm: use advertised addr/port if set for socket in rm rpc uac
commands
- reported by Juha Heinanen
(cherry picked from commit 131139883c03f3851ad99e96c59dfe3c349ec011)
---
modules/tm/rpc_uac.c | 11 ++++-------
1 file changed, 4 insertions(+), 7 deletions(-)
diff --git a/modules/tm/rpc_uac.c b/modules/tm/rpc_uac.c
index a305b63..507f4ae 100644
--- a/modules/tm/rpc_uac.c
+++ b/modules/tm/rpc_uac.c
@@ -156,12 +156,10 @@ static char *get_hfblock(str *uri, struct hdr_field *hf, int proto,
total_len = 0;
last = &sl;
last->next = 0;
+ sock_name = 0;
+ portname = 0;
if (ssock){
- sock_name = &ssock->address_str;
- portname = &ssock->port_no_str;
- }else{
- sock_name = 0;
- portname = 0;
+ si_get_signaling_data(ssock, &sock_name, &portname);
}
for (; hf; hf = hf->next) {
@@ -197,8 +195,7 @@ static char *get_hfblock(str *uri, struct hdr_field *hf, int proto,
" failed\n");
goto error;
}
- sock_name = &di.send_sock->address_str;
- portname = &di.send_sock->port_no_str;
+ si_get_signaling_data(di.send_sock, &sock_name, &portname);
}
if (!append_str_list(sock_name->s, sock_name->len, &last,
&total_len))
--
2.1.1

38
debian/patches/upstream/0008-mohqueue-fixed-db_qtable-parameter-name.patch vendored
Unescape View File

@ -1,38 +0,0 @@
From f3820f1a9837451b9209aa40ca5ab750e59fec19 Mon Sep 17 00:00:00 2001
From: Daniel-Constantin Mierla <miconda@gmail.com>
Date: Thu, 2 Oct 2014 10:18:11 +0200
Subject: [PATCH] mohqueue: fixed db_qtable parameter name
- reported by Marino Mileti
(cherry picked from commit 321575dcd18e42fe6c62942ef417dd8acf7f466d)
Conflicts:
modules/mohqueue/mohq.c
---
modules/mohqueue/mohq.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/modules/mohqueue/mohq.c b/modules/mohqueue/mohq.c
index 0c0d118..20a9ace 100644
--- a/modules/mohqueue/mohq.c
+++ b/modules/mohqueue/mohq.c
@@ -70,7 +70,7 @@ int moh_maxcalls = 50;
static param_export_t mod_parms [] = {
{ "db_url", STR_PARAM, &db_url },
{ "db_ctable", STR_PARAM, &db_ctable },
- { "db_ctable", STR_PARAM, &db_qtable },
+ { "db_qtable", STR_PARAM, &db_qtable },
{ "mohdir", STR_PARAM, &mohdir },
{ "moh_maxcalls", INT_PARAM, &moh_maxcalls },
{ NULL, 0, NULL },
@@ -439,4 +439,4 @@ if (pmod_data->pcall_lock->plock)
shm_free (pmod_data);
pmod_data = NULL;
return -1;
-}
\ No newline at end of file
+}
--
2.1.1

233
debian/patches/upstream/0009-rr-Fix-memory-leak-when-using-outbound.patch vendored
Unescape View File

@ -1,233 +0,0 @@
From 2d49bc59bb8084bfb8f4e1c89210d9e8c35781a8 Mon Sep 17 00:00:00 2001
From: Hugh Waite <hugh.waite@acision.com>
Date: Thu, 2 Oct 2014 18:37:00 +0100
Subject: [PATCH] rr: Fix memory leak when using outbound
- Flow token memory is freed after building the rr header
---
modules/rr/record.c | 78 ++++++++++++++++++++++++++++++++++++++---------------
1 file changed, 56 insertions(+), 22 deletions(-)
diff --git a/modules/rr/record.c b/modules/rr/record.c
index 3ccd452..00fa024 100644
--- a/modules/rr/record.c
+++ b/modules/rr/record.c
@@ -375,11 +375,12 @@ static int copy_flow_token(str *token, struct sip_msg *_m)
int record_route(struct sip_msg* _m, str *params)
{
struct lump* l, *l2;
- str user;
+ str user = {NULL, 0};
struct to_body* from = NULL;
str* tag;
int use_ob = rr_obb.use_outbound ? rr_obb.use_outbound(_m) : 0;
int sips;
+ int ret = 0;
user.len = 0;
@@ -406,7 +407,8 @@ int record_route(struct sip_msg* _m, str *params)
if (append_fromtag) {
if (parse_from_header(_m) < 0) {
LM_ERR("From parsing failed\n");
- return -2;
+ ret = -2;
+ goto error;
}
from = (struct to_body*)_m->from->parsed;
tag = &from->tag_value;
@@ -426,17 +428,20 @@ int record_route(struct sip_msg* _m, str *params)
l2 = anchor_lump(_m, _m->headers->name.s - _m->buf, 0, 0);
if (!l || !l2) {
LM_ERR("failed to create an anchor\n");
- return -5;
+ ret = -5;
+ goto error;
}
l = insert_cond_lump_after(l, COND_IF_DIFF_REALMS, 0);
l2 = insert_cond_lump_before(l2, COND_IF_DIFF_REALMS, 0);
if (!l || !l2) {
LM_ERR("failed to insert conditional lump\n");
- return -6;
+ ret = -6;
+ goto error;
}
if (build_rr(l, l2, &user, tag, params, OUTBOUND, sips) < 0) {
LM_ERR("failed to insert outbound Record-Route\n");
- return -7;
+ ret = -7;
+ goto error;
}
}
@@ -444,17 +449,24 @@ int record_route(struct sip_msg* _m, str *params)
l2 = anchor_lump(_m, _m->headers->name.s - _m->buf, 0, 0);
if (!l || !l2) {
LM_ERR("failed to create an anchor\n");
- return -3;
+ ret = -3;
+ goto error;
}
if (build_rr(l, l2, &user, tag, params, INBOUND, sips) < 0) {
LM_ERR("failed to insert inbound Record-Route\n");
- return -4;
+ ret = -4;
+ goto error;
}
/* reset the rr_param buffer */
rr_param_buf.len = 0;
- return 0;
+ ret = 0;
+error:
+ if ((use_ob == 1) || (use_ob == 2))
+ if (user.s != NULL)
+ pkg_free(user.s);
+ return ret;
}
@@ -470,7 +482,7 @@ int record_route(struct sip_msg* _m, str *params)
*/
int record_route_preset(struct sip_msg* _m, str* _data)
{
- str user;
+ str user = {NULL, 0};
struct to_body* from;
struct lump* l;
char* hdr, *p;
@@ -479,6 +491,7 @@ int record_route_preset(struct sip_msg* _m, str* _data)
char *rr_prefix;
int rr_prefix_len;
int sips;
+ int ret = 0;
sips = rr_is_sips(_m);
if(sips==0) {
@@ -513,7 +526,8 @@ int record_route_preset(struct sip_msg* _m, str* _data)
if (append_fromtag) {
if (parse_from_header(_m) < 0) {
LM_ERR("From parsing failed\n");
- return -2;
+ ret = -2;
+ goto error;
}
from = (struct to_body*)_m->from->parsed;
}
@@ -521,7 +535,8 @@ int record_route_preset(struct sip_msg* _m, str* _data)
l = anchor_lump(_m, _m->headers->name.s - _m->buf, 0, HDR_RECORDROUTE_T);
if (!l) {
LM_ERR("failed to create lump anchor\n");
- return -3;
+ ret = -3;
+ goto error;
}
hdr_len = rr_prefix_len;
@@ -544,7 +559,8 @@ int record_route_preset(struct sip_msg* _m, str* _data)
hdr = pkg_malloc(hdr_len);
if (!hdr) {
LM_ERR("no pkg memory left\n");
- return -4;
+ ret = -4;
+ goto error;
}
p = hdr;
@@ -581,9 +597,15 @@ int record_route_preset(struct sip_msg* _m, str* _data)
if (!insert_new_lump_after(l, hdr, hdr_len, 0)) {
LM_ERR("failed to insert new lump\n");
pkg_free(hdr);
- return -5;
+ ret = -5;
+ goto error;
}
- return 1;
+ ret = 1;
+error:
+ if ((use_ob == 1) || (use_ob == 2))
+ if (user.s != NULL)
+ pkg_free(user.s);
+ return ret;
}
/*!
@@ -723,12 +745,13 @@ lump_err:
int record_route_advertised_address(struct sip_msg* _m, str* _data)
{
- str user;
+ str user = {NULL, 0};
str *tag = NULL;
struct lump* l;
struct lump* l2;
int use_ob = rr_obb.use_outbound ? rr_obb.use_outbound(_m) : 0;
int sips;
+ int ret = 0;
user.len = 0;
user.s = 0;
@@ -753,7 +776,8 @@ int record_route_advertised_address(struct sip_msg* _m, str* _data)
if (append_fromtag) {
if (parse_from_header(_m) < 0) {
LM_ERR("From parsing failed\n");
- return -2;
+ ret = -2;
+ goto error;
}
tag = &((struct to_body*)_m->from->parsed)->tag_value;
}
@@ -765,18 +789,21 @@ int record_route_advertised_address(struct sip_msg* _m, str* _data)
l2 = anchor_lump(_m, _m->headers->name.s - _m->buf, 0, 0);
if (!l || !l2) {
LM_ERR("failed to create an anchor\n");
- return -3;
+ ret = -3;
+ goto error;
}
l = insert_cond_lump_after(l, COND_IF_DIFF_PROTO, 0);
l2 = insert_cond_lump_before(l2, COND_IF_DIFF_PROTO, 0);
if (!l || !l2) {
LM_ERR("failed to insert conditional lump\n");
- return -4;
+ ret = -4;
+ goto error;
}
if (build_advertised_rr(l, l2, _data, &user, tag, OUTBOUND,
sips) < 0) {
LM_ERR("failed to insert outbound Record-Route\n");
- return -5;
+ ret = -5;
+ goto error;
}
}
@@ -784,14 +811,21 @@ int record_route_advertised_address(struct sip_msg* _m, str* _data)
l2 = anchor_lump(_m, _m->headers->name.s - _m->buf, 0, 0);
if (!l || !l2) {
LM_ERR("failed to create an anchor\n");
- return -6;
+ ret = -6;
+ goto error;
}
if (build_advertised_rr(l, l2, _data, &user, tag, INBOUND, sips) < 0) {
LM_ERR("failed to insert outbound Record-Route\n");
- return -7;
+ ret = -7;
+ goto error;
}
- return 1;
+ ret = 1;
+error:
+ if ((use_ob == 1) || (use_ob == 2))
+ if (user.s != NULL)
+ pkg_free(user.s);
+ return ret;
}
--
2.1.1

83
debian/patches/upstream/0010-core-xavp-Fix-xavp_insert-to-prevent-corrupted-linke.patch vendored
Unescape View File

@ -1,83 +0,0 @@
From 58746ce4966b254cb465045cb517f652a24a5317 Mon Sep 17 00:00:00 2001
From: Hugh Waite <hugh.waite@acision.com>
Date: Wed, 8 Oct 2014 19:01:20 +0100
Subject: [PATCH] core: xavp: Fix xavp_insert to prevent corrupted linked lists
- Inserting data at a given index will pad the xavp with XTYPE_NULL entries
- Inserting data will replace a NULL entry if present
(cherry picked from commit 1828c8ab644243878fc6db9ff0f2592e656dc09a)
---
xavp.c | 34 +++++++++++++++++++---------------
1 file changed, 19 insertions(+), 15 deletions(-)
diff --git a/xavp.c b/xavp.c
index 5f51731..0d73fd3 100644
--- a/xavp.c
+++ b/xavp.c
@@ -694,44 +694,48 @@ sr_xavp_t *xavp_clone_level_nodata(sr_xavp_t *xold)
int xavp_insert(sr_xavp_t *xavp, int idx, sr_xavp_t **list)
{
sr_xavp_t *crt = 0;
- sr_xavp_t *fst = 0;
sr_xavp_t *lst = 0;
sr_xval_t val;
int n = 0;
int i = 0;
- if(idx==0)
+ crt = xavp_get_internal(&xavp->name, list, 0, NULL);
+
+ if (idx == 0 && (!crt || crt->val.type != SR_XTYPE_NULL))
return xavp_add(xavp, list);
- crt = xavp_get_internal(&xavp->name, list, 0, 0);
while(crt!=NULL && n<idx) {
lst = crt;
n++;
crt = xavp_get_next(lst);
}
+
+ if (crt && crt->val.type == SR_XTYPE_NULL) {
+ xavp->next = crt->next;
+ crt->next = xavp;
+
+ xavp_rm(crt, list);
+ return 0;
+ }
+
memset(&val, 0, sizeof(sr_xval_t));
val.type = SR_XTYPE_NULL;
for(i=0; i<idx-n; i++) {
- crt = xavp_add_value(&xavp->name, &val, list);
+ crt = xavp_new_value(&xavp->name, &val);
if(crt==NULL)
return -1;
- if(fst==NULL)
- fst = crt;
- if(lst==NULL) {
- if(xavp_add(crt, list)<0)
- return -1;
+ if (lst == NULL) {
+ crt->next = *list;
+ *list = crt;
} else {
crt->next = lst->next;
lst->next = crt;
}
+ lst = crt;
}
- if(fst==NULL) {
- return xavp_add(xavp, list);
- } else {
- xavp->next = fst->next;
- fst->next = xavp;
- }
+ xavp->next = lst->next;
+ lst->next = xavp;
return 0;
}
--
2.1.1
Write Preview
Loading…
Cancel
Save