Module: kamailio Branch: master Commit: 60ffee9cf54ff362026497036935746c9dbe62e5 URL: https://github.com/kamailio/kamailio/commit/60ffee9cf54ff362026497036935746c9dbe62e5
Author: Stefan Mititelu <[email protected]> Committer: Stefan Mititelu <[email protected]> Date: 2015-08-11T15:40:12+03:00 dtrie: Set child to NULL when run out of SHM The stop condition in dtrie_delete is node==NULL. Suppose the case when there is no SHM memory left when trying to dtrie_insert(). The memory gets freed by shm_free() but the pointer still points to it. This leads to segfault when dtrie_delete tries to access that memory zone, in the given case. GDB says: "Cannot access memory at address 0x1130000001d" --- Modified: lib/trie/dtrie.c --- Diff: https://github.com/kamailio/kamailio/commit/60ffee9cf54ff362026497036935746c9dbe62e5.diff Patch: https://github.com/kamailio/kamailio/commit/60ffee9cf54ff362026497036935746c9dbe62e5.patch --- diff --git a/lib/trie/dtrie.c b/lib/trie/dtrie.c index a57f85d..2883829 100644 --- a/lib/trie/dtrie.c +++ b/lib/trie/dtrie.c @@ -152,6 +152,7 @@ int dtrie_insert(struct dtrie_node_t *root, const char *number, const unsigned i if(node->child[digit]->child == NULL){ SHM_MEM_ERROR; shm_free(node->child[digit]); + node->child[digit] = NULL; return -1; } LM_DBG("allocate %lu bytes for %d root children pointer at %p\n", _______________________________________________ sr-dev mailing list [email protected] http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-dev
