Skip to content
GitLab
Projects
Groups
Snippets
Help
Loading...
Help
What's new
10
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Sign in / Register
Toggle navigation
Open sidebar
savoirfairelinux
jami-daemon
Commits
d43c1927
Commit
d43c1927
authored
Jul 12, 2021
by
Olivier Dion
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
ice_transport: Fix use after free of pj_pool
Gitlab:
#583
Change-Id: Iddd1b582595daee498b383a11c6323546d14bef4
parent
8be23c43
Changes
2
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
15 additions
and
6 deletions
+15
-6
src/ice_transport.cpp
src/ice_transport.cpp
+12
-4
src/ice_transport.h
src/ice_transport.h
+3
-2
No files found.
src/ice_transport.cpp
View file @
d43c1927
...
...
@@ -213,6 +213,8 @@ public:
std
::
atomic_bool
destroying_
{
false
};
onShutdownCb
scb
{};
std
::
shared_ptr
<
pj_caching_pool
>
cp_
;
};
//==============================================================================
...
...
@@ -331,6 +333,7 @@ IceTransport::Impl::Impl(const char* name, const IceTransportOptions& options)
upnp_
.
reset
(
new
upnp
::
Controller
());
auto
&
iceTransportFactory
=
Manager
::
instance
().
getIceTransportFactory
();
cp_
=
iceTransportFactory
.
getPoolCaching
();
config_
=
iceTransportFactory
.
getIceCfg
();
// config copy
if
(
options
.
tcpEnable
)
{
config_
.
protocol
=
PJ_ICE_TP_TCP
;
...
...
@@ -1696,13 +1699,18 @@ IceTransport::link() const
//==============================================================================
IceTransportFactory
::
IceTransportFactory
()
:
cp_
()
:
cp_
(
new
pj_caching_pool
(),
[](
pj_caching_pool
*
p
){
pj_caching_pool_destroy
(
p
);
delete
p
;
})
,
ice_cfg_
()
{
sip_utils
::
register_thread
();
pj_caching_pool_init
(
&
cp_
,
NULL
,
0
);
pj_caching_pool_init
(
cp_
.
get
(),
NULL
,
0
);
pj_ice_strans_cfg_default
(
&
ice_cfg_
);
ice_cfg_
.
stun_cfg
.
pf
=
&
cp_
.
factory
;
ice_cfg_
.
stun_cfg
.
pf
=
&
cp_
->
factory
;
// v2.4.5 of PJNATH has a default of 100ms but RFC 5389 since version 14 requires
// a minimum of 500ms on fixed-line links. Our usual case is wireless links.
...
...
@@ -1715,7 +1723,7 @@ IceTransportFactory::IceTransportFactory()
IceTransportFactory
::~
IceTransportFactory
()
{
pj_caching_pool_destroy
(
&
cp_
);
}
std
::
shared_ptr
<
IceTransport
>
...
...
src/ice_transport.h
View file @
d43c1927
...
...
@@ -279,10 +279,11 @@ public:
* PJSIP specifics
*/
pj_ice_strans_cfg
getIceCfg
()
const
{
return
ice_cfg_
;
}
pj_pool_factory
*
getPoolFactory
()
{
return
&
cp_
.
factory
;
}
pj_pool_factory
*
getPoolFactory
()
{
return
&
cp_
->
factory
;
}
std
::
shared_ptr
<
pj_caching_pool
>
getPoolCaching
()
{
return
cp_
;
}
private:
pj_caching_pool
cp_
;
std
::
shared_ptr
<
pj_caching_pool
>
cp_
;
pj_ice_strans_cfg
ice_cfg_
;
};
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment
