From da7caf451097558dc88ec7e6426d475d15f4d40b Mon Sep 17 00:00:00 2001 From: rmudgett Date: Wed, 5 Aug 2009 19:18:56 +0000 Subject: Dialplan starts execution before the channel setup is complete. * Issue 15655: For the case where dialing is complete for an incoming call, dahdi_new() was asked to start the PBX and then the code set more channel variables. If the dialplan hungup before these channel variables got set, asterisk would likely crash. * Fixed potential for overlap incoming call to erroneously set channel variables as global dialplan variables if the ast_channel structure failed to get allocated. * Added missing set of CALLINGSUBADDR in the dialing is complete case. (closes issue #15655) Reported by: alecdavis git-svn-id: http://svn.digium.com/svn/asterisk/branches/1.4@210575 f38db490-d61c-443f-a65b-d21fe96a405b --- channels/chan_dahdi.c | 104 ++++++++++++++++++++++++++++---------------------- 1 file changed, 59 insertions(+), 45 deletions(-) (limited to 'channels/chan_dahdi.c') diff --git a/channels/chan_dahdi.c b/channels/chan_dahdi.c index 6f0fb10a1..9a1a4297e 100644 --- a/channels/chan_dahdi.c +++ b/channels/chan_dahdi.c @@ -9336,6 +9336,7 @@ static void *pri_dchannel(void *vpri) pri->pvts[chanpos]->exten[0] = 's'; pri->pvts[chanpos]->exten[1] = '\0'; } + /* Make sure extension exists (or in overlap dial mode, can exist) */ if (((pri->overlapdial & DAHDI_OVERLAPDIAL_INCOMING) && ast_canmatch_extension(NULL, pri->pvts[chanpos]->context, pri->pvts[chanpos]->exten, 1, pri->pvts[chanpos]->cid_num)) || ast_exists_extension(NULL, pri->pvts[chanpos]->context, pri->pvts[chanpos]->exten, 1, pri->pvts[chanpos]->cid_num)) { @@ -9371,8 +9372,13 @@ static void *pri_dchannel(void *vpri) pri->pvts[chanpos]->callingpres = e->ring.callingpres; /* Start PBX */ - if (!e->ring.complete && (pri->overlapdial & DAHDI_OVERLAPDIAL_INCOMING) && ast_matchmore_extension(NULL, pri->pvts[chanpos]->context, pri->pvts[chanpos]->exten, 1, pri->pvts[chanpos]->cid_num)) { - /* Release the PRI lock while we create the channel */ + if (!e->ring.complete + && (pri->overlapdial & DAHDI_OVERLAPDIAL_INCOMING) + && ast_matchmore_extension(NULL, pri->pvts[chanpos]->context, pri->pvts[chanpos]->exten, 1, pri->pvts[chanpos]->cid_num)) { + /* + * Release the PRI lock while we create the channel + * so other threads can send D channel messages. + */ ast_mutex_unlock(&pri->lock); if (crv) { /* Set bearer and such */ @@ -9383,30 +9389,27 @@ static void *pri_dchannel(void *vpri) } else { c = dahdi_new(pri->pvts[chanpos], AST_STATE_RESERVED, 0, SUB_REAL, law, e->ring.ctype); } - - ast_mutex_unlock(&pri->pvts[chanpos]->lock); - - if (!ast_strlen_zero(e->ring.callingsubaddr)) { - pbx_builtin_setvar_helper(c, "CALLINGSUBADDR", e->ring.callingsubaddr); - } - if (e->ring.ani2 >= 0) { - snprintf(ani2str, 5, "%.2d", e->ring.ani2); - pbx_builtin_setvar_helper(c, "ANI2", ani2str); - } + ast_mutex_lock(&pri->lock); + if (c) { + if (!ast_strlen_zero(e->ring.callingsubaddr)) { + pbx_builtin_setvar_helper(c, "CALLINGSUBADDR", e->ring.callingsubaddr); + } + if (e->ring.ani2 >= 0) { + snprintf(ani2str, sizeof(ani2str), "%d", e->ring.ani2); + pbx_builtin_setvar_helper(c, "ANI2", ani2str); + } #ifdef SUPPORT_USERUSER - if (!ast_strlen_zero(e->ring.useruserinfo)) { - pbx_builtin_setvar_helper(c, "USERUSERINFO", e->ring.useruserinfo); - } + if (!ast_strlen_zero(e->ring.useruserinfo)) { + pbx_builtin_setvar_helper(c, "USERUSERINFO", e->ring.useruserinfo); + } #endif - snprintf(calledtonstr, sizeof(calledtonstr)-1, "%d", e->ring.calledplan); - pbx_builtin_setvar_helper(c, "CALLEDTON", calledtonstr); - if (e->ring.redirectingreason >= 0) - pbx_builtin_setvar_helper(c, "PRIREDIRECTREASON", redirectingreason2str(e->ring.redirectingreason)); - - ast_mutex_lock(&pri->pvts[chanpos]->lock); - ast_mutex_lock(&pri->lock); + snprintf(calledtonstr, sizeof(calledtonstr), "%d", e->ring.calledplan); + pbx_builtin_setvar_helper(c, "CALLEDTON", calledtonstr); + if (e->ring.redirectingreason >= 0) + pbx_builtin_setvar_helper(c, "PRIREDIRECTREASON", redirectingreason2str(e->ring.redirectingreason)); + } pthread_attr_init(&attr); pthread_attr_setdetachstate(&attr, PTHREAD_CREATE_DETACHED); @@ -9416,7 +9419,7 @@ static void *pri_dchannel(void *vpri) plancallingnum, S_OR(pri->pvts[chanpos]->exten, ""), pri->pvts[chanpos]->logicalspan, pri->pvts[chanpos]->prioffset, pri->span); } else { - ast_log(LOG_WARNING, "Unable to start PBX on channel %d/%d, span %d\n", + ast_log(LOG_WARNING, "Unable to start PBX on channel %d/%d, span %d\n", pri->pvts[chanpos]->logicalspan, pri->pvts[chanpos]->prioffset, pri->span); if (c) ast_hangup(c); @@ -9426,17 +9429,28 @@ static void *pri_dchannel(void *vpri) } } pthread_attr_destroy(&attr); - } else { + } else { + /* + * Release the PRI lock while we create the channel + * so other threads can send D channel messages. + */ ast_mutex_unlock(&pri->lock); - /* Release PRI lock while we create the channel */ - c = dahdi_new(pri->pvts[chanpos], AST_STATE_RING, 1, SUB_REAL, law, e->ring.ctype); + c = dahdi_new(pri->pvts[chanpos], AST_STATE_RING, 0, SUB_REAL, law, e->ring.ctype); + ast_mutex_lock(&pri->lock); if (c) { - char calledtonstr[10]; - - ast_mutex_unlock(&pri->pvts[chanpos]->lock); - + /* + * It is reasonably safe to set the following + * channel variables while the PRI and DAHDI private + * structures are locked. The PBX has not been + * started yet and it is unlikely that any other task + * will do anything with the channel we have just + * created. + */ + if (!ast_strlen_zero(e->ring.callingsubaddr)) { + pbx_builtin_setvar_helper(c, "CALLINGSUBADDR", e->ring.callingsubaddr); + } if (e->ring.ani2 >= 0) { - snprintf(ani2str, 5, "%d", e->ring.ani2); + snprintf(ani2str, sizeof(ani2str), "%d", e->ring.ani2); pbx_builtin_setvar_helper(c, "ANI2", ani2str); } @@ -9448,26 +9462,26 @@ static void *pri_dchannel(void *vpri) if (e->ring.redirectingreason >= 0) pbx_builtin_setvar_helper(c, "PRIREDIRECTREASON", redirectingreason2str(e->ring.redirectingreason)); - - snprintf(calledtonstr, sizeof(calledtonstr)-1, "%d", e->ring.calledplan); - pbx_builtin_setvar_helper(c, "CALLEDTON", calledtonstr); - - ast_mutex_lock(&pri->pvts[chanpos]->lock); - ast_mutex_lock(&pri->lock); + snprintf(calledtonstr, sizeof(calledtonstr), "%d", e->ring.calledplan); + pbx_builtin_setvar_helper(c, "CALLEDTON", calledtonstr); + } + if (c && !ast_pbx_start(c)) { if (option_verbose > 2) ast_verbose(VERBOSE_PREFIX_3 "Accepting call from '%s' to '%s' on channel %d/%d, span %d\n", - plancallingnum, pri->pvts[chanpos]->exten, - pri->pvts[chanpos]->logicalspan, pri->pvts[chanpos]->prioffset, pri->span); + plancallingnum, pri->pvts[chanpos]->exten, + pri->pvts[chanpos]->logicalspan, pri->pvts[chanpos]->prioffset, pri->span); + dahdi_enable_ec(pri->pvts[chanpos]); } else { - - ast_mutex_lock(&pri->lock); - - ast_log(LOG_WARNING, "Unable to start PBX on channel %d/%d, span %d\n", + ast_log(LOG_WARNING, "Unable to start PBX on channel %d/%d, span %d\n", pri->pvts[chanpos]->logicalspan, pri->pvts[chanpos]->prioffset, pri->span); - pri_hangup(pri->pri, e->ring.call, PRI_CAUSE_SWITCH_CONGESTION); - pri->pvts[chanpos]->call = NULL; + if (c) { + ast_hangup(c); + } else { + pri_hangup(pri->pri, e->ring.call, PRI_CAUSE_SWITCH_CONGESTION); + pri->pvts[chanpos]->call = NULL; + } } } } else { -- cgit v1.2.3