From a6b4b869835fce3602a3179050f404fdf7333dc6 Mon Sep 17 00:00:00 2001 From: smititelu Date: Wed, 24 Feb 2016 09:15:27 +0100 Subject: [PATCH 1/2] Fix segfault when ps->component=0 --- daemon/call.c | 1 + 1 file changed, 1 insertion(+) diff --git a/daemon/call.c b/daemon/call.c index f4eb3fe71..252b2c633 100644 --- a/daemon/call.c +++ b/daemon/call.c @@ -781,6 +781,7 @@ static void __assign_stream_fds(struct call_media *media, GQueue *intf_sfds) { il = l->data; sfd = g_queue_peek_nth(&il->list, ps->component - 1); + if (!sfd) return ; sfd->stream = ps; g_queue_push_tail(&ps->sfds, sfd); From 5e7640b4c4b8fee48f1494436ef7ac1918837b48 Mon Sep 17 00:00:00 2001 From: Stefan Mititelu Date: Wed, 24 Feb 2016 10:41:10 +0100 Subject: [PATCH 2/2] Add/Retrieve ps->component to/from redis Avoid segfault that happened when ps->component=0 (only when redis involved). If redis involved, ps structure is initially 0'ed before restoring. Currently the ps->component is not restored and leads to the above segfault. --- daemon/redis.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/daemon/redis.c b/daemon/redis.c index cb1b674f4..d0ba67c33 100644 --- a/daemon/redis.c +++ b/daemon/redis.c @@ -674,6 +674,8 @@ static int redis_streams(struct call *c, struct redis_list *streams) { atomic64_set_na(&ps->last_packet, time(NULL)); if (redis_hash_get_unsigned((unsigned int *) &ps->ps_flags, rh, "ps_flags")) return -1; + if (redis_hash_get_unsigned((unsigned int *) &ps->component, rh, "component")) + return -1; if (redis_hash_get_endpoint(&ps->endpoint, rh, "endpoint")) return -1; if (redis_hash_get_endpoint(&ps->advertised_endpoint, rh, "advertised_endpoint")) @@ -1318,7 +1320,7 @@ void redis_update(struct call *c, struct redis *r) { redis_pipe(r, "HMSET stream-"PB"-%u media %u sfd %u rtp_sink %u " "rtcp_sink %u rtcp_sibling %u last_packet "UINT64F" " - "ps_flags %u", + "ps_flags %u component %u", STR(&c->callid), ps->unique_id, ps->media->unique_id, ps->selected_sfd ? ps->selected_sfd->unique_id : -1, @@ -1326,7 +1328,8 @@ void redis_update(struct call *c, struct redis *r) { ps->rtcp_sink ? ps->rtcp_sink->unique_id : -1, ps->rtcp_sibling ? ps->rtcp_sibling->unique_id : -1, atomic64_get(&ps->last_packet), - ps->ps_flags); + ps->ps_flags, + ps->component); redis_update_endpoint(r, "stream", &c->callid, ps->unique_id, "endpoint", &ps->endpoint); redis_update_endpoint(r, "stream", &c->callid, ps->unique_id, "advertised_endpoint", &ps->advertised_endpoint);