[sr-dev] git:kamailio_3.0: core: switch(string) memleak fix

Mon, 11 Oct 2010 02:44:32 -0700 

Module: sip-router
Branch: kamailio_3.0
Commit: 335743621f54220e58c2f3da2712dcae837b31a0
URL:    
http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commit;h=335743621f54220e58c2f3da2712dcae837b31a0

Author: Andrei Pelinescu-Onciul <[email protected]>
Committer: Andrei Pelinescu-Onciul <[email protected]>
Date:   Sun Sep 26 21:28:47 2010 +0200

core: switch(string) memleak fix

When a switch(string) is used and one of the case blocks exits the
script (by drop, exit or a module function that causes the script
to end), the dynamic string rvals were not cleaned up.
This happened because run_actions() uses longjmp() to quickly end
the script (skipping this way over the cleanups done after the
run_actions() call).

Reported-by: Daniel-Constantin Mierla <[email protected]>
Reported-by: C�sar Pinto Mag�n  Cesar.Pinto a-e es
(cherry picked from commit 6ab93de37f2f1991d3406f52ac9502a7c795ef55)

---

 action.c |   22 ++++++++++++++++++++++
 1 files changed, 22 insertions(+), 0 deletions(-)

diff --git a/action.c b/action.c
index 4edf023..315cffb 100644
--- a/action.c
+++ b/action.c
@@ -1089,17 +1089,39 @@ sw_jt_def:
                                          regexec(mct->match[i].l.regex, s.s, 
0, 0, 0) == 0)
                                        ){
                                        if (likely(mct->jump[i])){
+                                               /* make sure we cleanup first, 
in case run_actions()
+                                                  exits the script directly 
via longjmp() */
+                                               if (rv1){
+                                                       rval_destroy(rv1);
+                                                       rval_destroy(rv);
+                                                       rval_cache_clean(&c1);
+                                               }else if (rv){
+                                                       rval_destroy(rv);
+                                                       rval_cache_clean(&c1);
+                                               }
                                                ret=run_actions(h, 
mct->jump[i], msg);
                                                h->run_flags &= ~BREAK_R_F; /* 
catch breaks, but let
                                                                                
                           returns passthrough */
+                                               break;
                                        }
                                        goto match_cleanup;
                                }
 match_cond_def:
                        if (mct->def){
+                               /* make sure we cleanup first, in case 
run_actions()
+                                  exits the script directly via longjmp() */
+                               if (rv1){
+                                       rval_destroy(rv1);
+                                       rval_destroy(rv);
+                                       rval_cache_clean(&c1);
+                               }else if (rv){
+                                       rval_destroy(rv);
+                                       rval_cache_clean(&c1);
+                               }
                                ret=run_actions(h, mct->def, msg);
                                h->run_flags &= ~BREAK_R_F; /* catch breaks, 
but let
                                                                                
           returns passthrough */
+                               break;
                        }
 match_cleanup:
                        if (rv1){



_______________________________________________
sr-dev mailing list
[email protected]
http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-dev

Reply via email to