reSIProcate

Mailing Lists

Source Code

Google Search:



< Previous by Date Date Index Next by Date >
< Previous in Thread Thread Index Next in Thread >

Re: [reSIProcate] corruption in SdpContents::Session::Medium::codecs()

I'm not following this.  clearAttribute does not do anything with a
ParseBuffer.

Do you have a test program that fails, that can demonstrate what you are
pointing out?

Scott

> -----Original Message-----
> From: resiprocate-devel-bounces@xxxxxxxxxxxxxxxxxxx
> [mailto:resiprocate-devel-bounces@xxxxxxxxxxxxxxxxxxx] On Behalf Of
> Justin Matthews
> Sent: Tuesday, October 17, 2006 6:03 PM
> To: resiprocate-devel@xxxxxxxxxxxxxxxxxxx
> Subject: [reSIProcate] corruption in
> SdpContents::Session::Medium::codecs()
> 
> Hello, is the following correct?  If so, any ideas on the best way to
> fix
> this?
> 
> Thanks,
> 
> -Justin
> 
> In SdpContents::Session::Medium::codecs():
> 
>       // don't store twice
>       mFormats.clear();
>       mAttributeHelper.clearAttribute(rtpmap);
>       mAttributeHelper.clearAttribute(fmtp);  // parsed out in
> codec.parse
> 
> Calling clearAttribute will destroy the ParseBuffer for rtpmap and
fmtp
> which is now being accessed by the mRtpMap entries that are created
> earlier
> in this function.  Accessing data members that store resip::Data
> objects
> such as Codec::mName will be accessing previously free'd memory
blocks.
> 
>
-----------------------------------------------------------------------
> -----
> 
> SdpContents::Session::Medium::codecs()
> {
> .
> 
> if (exists(rtpmap))
>       {
>          for (list<Data>::const_iterator i =
getValues(rtpmap).begin();
>               i != getValues(rtpmap).end(); ++i)
>          {
>             //DebugLog(<< "SdpContents::Session::Medium::getCodec(" <<
> *i <<
> ")");
>             ParseBuffer pb(i->data(), i->size());
>             int format = pb.integer();
>             // pass to codec constructor for parsing
>             // pass this for other codec attributes
>             try
>             {
>                mRtpMap[format].parse(pb, *this, format);
>             }
> 
>
-----------------------------------------------------------------------
> -----
> Codec::parse(ParseBuffer& pb,
>              const SdpContents::Session::Medium& medium,
>              int payloadType)
> {
>    const char* anchor = pb.skipWhitespace();
>    pb.skipToChar(Symbols::SLASH[0]);
>    pb.data(mName, anchor);
> .
> }
> 
>
-----------------------------------------------------------------------
> -----
> 
> ParseBuffer::data(Data& data, const char* start) const
> {
>    if (!(mBuff <= start && start <= mPosition))
>    {
>       fail(__FILE__, __LINE__,"Bad anchor position");
>    }
> 
>    if (data.mMine == Data::Take)
>    {
>       delete[] data.mBuf;
>    }
>    data.mSize = (unsigned int)(mPosition - start);
>    data.mBuf = const_cast<char*>(start);
>    data.mCapacity = data.mSize;
>    data.mMine = Data::Share;
> }
> 
> 
> 
> 
> _______________________________________________
> resiprocate-devel mailing list
> resiprocate-devel@xxxxxxxxxxxxxxxxxxx
> https://list.sipfoundry.org/mailman/listinfo/resiprocate-devel