From dc8e3a807645f23072ec093697cb75c89c5c6e70 Mon Sep 17 00:00:00 2001 From: Nanang Izzuddin Date: Thu, 30 Nov 2023 10:16:07 +0700 Subject: [PATCH 1/2] Fix CID: 1527652, 1524421, 1524414, 1524392 --- pjmedia/src/pjmedia/conference.c | 6 +++++- pjsip-apps/src/pjsua/pjsua_app.c | 4 +++- pjsip/src/pjsip-simple/publishc.c | 4 +++- pjsip/src/pjsip/sip_transaction.c | 18 +++++++++++++----- 4 files changed, 24 insertions(+), 8 deletions(-) diff --git a/pjmedia/src/pjmedia/conference.c b/pjmedia/src/pjmedia/conference.c index 8b53798ad3..28d1d5b042 100644 --- a/pjmedia/src/pjmedia/conference.c +++ b/pjmedia/src/pjmedia/conference.c @@ -1049,6 +1049,7 @@ PJ_DEF(pj_status_t) pjmedia_conf_disconnect_port( pjmedia_conf *conf, unsigned sink_slot ) { struct conf_port *src_port, *dst_port; + pj_bool_t no_conn = PJ_FALSE; unsigned i; /* Check arguments */ @@ -1098,9 +1099,12 @@ PJ_DEF(pj_status_t) pjmedia_conf_disconnect_port( pjmedia_conf *conf, pjmedia_delay_buf_reset(src_port->delay_buf); } + /* Evaluate connect_cnt with mutex, but pause sound dev outside mutex */ + no_conn = (conf->connect_cnt == 0); + pj_mutex_unlock(conf->mutex); - if (conf->connect_cnt == 0) { + if (no_conn) { pause_sound(conf); } diff --git a/pjsip-apps/src/pjsua/pjsua_app.c b/pjsip-apps/src/pjsua/pjsua_app.c index b6eeda3483..de0e7b77c1 100644 --- a/pjsip-apps/src/pjsua/pjsua_app.c +++ b/pjsip-apps/src/pjsua/pjsua_app.c @@ -1111,8 +1111,10 @@ void on_ip_change_progress(pjsua_ip_change_op op, case PJSUA_IP_CHANGE_OP_COMPLETED: pj_ansi_snprintf(info_str, sizeof(info_str), "done"); + break; default: - info_str[0] = '\0'; + pj_ansi_snprintf(info_str, sizeof(info_str), + "unknown-op"); break; } PJ_LOG(3,(THIS_FILE, "IP change progress report : %s", info_str)); diff --git a/pjsip/src/pjsip-simple/publishc.c b/pjsip/src/pjsip-simple/publishc.c index a18a32f9ae..58222eea1f 100644 --- a/pjsip/src/pjsip-simple/publishc.c +++ b/pjsip/src/pjsip-simple/publishc.c @@ -777,7 +777,6 @@ PJ_DEF(pj_status_t) pjsip_publishc_send(pjsip_publishc *pubc, return PJ_EBUSY; } } - pj_mutex_unlock(pubc->mutex); /* If via_addr is set, use this address for the Via header. */ if (pubc->via_addr.host.slen > 0) { @@ -798,6 +797,9 @@ PJ_DEF(pj_status_t) pjsip_publishc_send(pjsip_publishc *pubc, * may be called even before send_request() returns! */ ++pubc->pending_tsx; + + pj_mutex_unlock(pubc->mutex); + status = pjsip_endpt_send_request(pubc->endpt, tdata, -1, pubc, &tsx_callback); if (status!=PJ_SUCCESS) { diff --git a/pjsip/src/pjsip/sip_transaction.c b/pjsip/src/pjsip/sip_transaction.c index 37eb601b2e..33d2e32d7c 100644 --- a/pjsip/src/pjsip/sip_transaction.c +++ b/pjsip/src/pjsip/sip_transaction.c @@ -880,6 +880,7 @@ pjsip_tsx_detect_merged_requests(pjsip_rx_data *rdata) { pj_str_t key, key2; pj_uint32_t hval = 0; + pjsip_transaction *tsx = NULL; pj_status_t status; PJ_ASSERT_RETURN(rdata->msg_info.msg->type == PJSIP_REQUEST_MSG, NULL); @@ -895,12 +896,15 @@ pjsip_tsx_detect_merged_requests(pjsip_rx_data *rdata) if (status != PJ_SUCCESS) return NULL; + pj_mutex_lock( mod_tsx_layer.mutex ); + /* This request must not match any transaction in our primary hash * table. */ if (pj_hash_get_lower(mod_tsx_layer.htable, key.ptr, (unsigned)key.slen, &hval) != NULL) { + pj_mutex_unlock( mod_tsx_layer.mutex); return NULL; } @@ -910,14 +914,18 @@ pjsip_tsx_detect_merged_requests(pjsip_rx_data *rdata) status = create_tsx_key_2543(rdata->tp_info.pool, &key2, PJSIP_ROLE_UAS, &rdata->msg_info.cseq->method, rdata, PJ_FALSE); - if (status != PJ_SUCCESS) + if (status != PJ_SUCCESS) { + pj_mutex_unlock( mod_tsx_layer.mutex); return NULL; + } hval = 0; - return (pjsip_transaction *) pj_hash_get_lower(mod_tsx_layer.htable2, - key2.ptr, - (unsigned)key2.slen, - &hval); + tsx = pj_hash_get_lower(mod_tsx_layer.htable2, key2.ptr, + (unsigned)key2.slen, &hval); + + pj_mutex_unlock( mod_tsx_layer.mutex); + + return tsx; } /* This module callback is called when endpoint has received an From 994ddd8c155fa4eedf4c59de9e140154c486e6b8 Mon Sep 17 00:00:00 2001 From: sauwming Date: Tue, 26 Dec 2023 09:17:46 +0800 Subject: [PATCH 2/2] Fixed UPnP data races --- pjnath/src/pjnath/upnp.c | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/pjnath/src/pjnath/upnp.c b/pjnath/src/pjnath/upnp.c index 0747432a56..0a4dad0a95 100644 --- a/pjnath/src/pjnath/upnp.c +++ b/pjnath/src/pjnath/upnp.c @@ -325,12 +325,14 @@ static void add_device(const char *dev_id, const char *url) { unsigned i; + pj_mutex_lock(upnp_mgr.mutex); + if (upnp_mgr.igd_cnt >= MAX_DEVS) { + pj_mutex_unlock(upnp_mgr.mutex); PJ_LOG(3, (THIS_FILE, "Warning: Too many UPnP devices discovered")); return; } - pj_mutex_lock(upnp_mgr.mutex); for (i = 0; i < upnp_mgr.igd_cnt; i++) { if (!pj_strcmp2(&upnp_mgr.igd_devs[i].dev_id, dev_id) && !pj_strcmp2(&upnp_mgr.igd_devs[i].url, url)) @@ -358,6 +360,8 @@ static void set_device_online(const char *dev_id) { unsigned i; + pj_mutex_lock(upnp_mgr.mutex); + for (i = 0; i < upnp_mgr.igd_cnt; i++) { struct igd *igd = &upnp_mgr.igd_devs[i]; @@ -367,15 +371,15 @@ static void set_device_online(const char *dev_id) if (upnp_mgr.primary_igd_idx < 0) { /* If we don't have a primary IGD, use this. */ - pj_mutex_lock(upnp_mgr.mutex); upnp_mgr.primary_igd_idx = i; - pj_mutex_unlock(upnp_mgr.mutex); PJ_LOG(4, (THIS_FILE, "Using primary IGD %s", upnp_mgr.igd_devs[i].dev_id.ptr)); } } } + + pj_mutex_unlock(upnp_mgr.mutex); } /* Update IGD status to offline. */