retronetworking
/
chan-capi
mirror of https://github.com/MelwareDE/chan-capi
12
0
Fork 0
Code Issues Projects Releases Wiki Activity

Error in 'capidev_acquire_locks_from_thread_context' for asterisk >= 1.8. ast_channel_unlock was called after ast_channel_unref. In case ast_channel_unref released channel memory this resulted in access to already freed memory area

Browse Source
master
MelwareDE 11 years ago
parent dcbb83ac1f
commit 9fdc04e405
1 changed files with 3 additions and 1 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 4
      chan_capi.c

4
chan_capi.c
Unescape View File

@ -5729,10 +5729,11 @@ static struct ast_channel* capidev_acquire_locks_from_thread_context(struct capi
cc_mutex_lock(&i->lock);
owner = i->owner;
if (likely(owner != 0)) {
struct ast_channel *ref_owner = owner;
ast_channel_ref (owner);
cc_mutex_unlock(&i->lock);
ast_channel_lock(owner);
ast_channel_unref (owner);
cc_mutex_lock(&i->lock);
if (unlikely(i->owner == 0)) {
cc_mutex_unlock (&i->lock);
@ -5740,6 +5741,7 @@ static struct ast_channel* capidev_acquire_locks_from_thread_context(struct capi
cc_mutex_lock (&i->lock);
owner = 0;
}
ast_channel_unref (ref_owner);
}
#else
for (;;) {

Write Preview
Loading…
Cancel
Save