[tracer] avoid parsing the shm cloned SIP msg

The TM TMCB_MSG_SENT_OUT callback may be called when doing a retransmission for a locally generated request. If for the original sending, a pkg malloc'ed sip_msg is passed to TMCB_MSG_SENT_OUT callback, for the retransmissions the shm cloned sip_msg is passed. As the 'tracer' callback (on TMCB_MSG_SENT_OUT) requires some FROM hdr parsing (to get the from tag), it should NOT parse directly on the shm cloned SIP msg as it will tain the shm sip_msg with pkg pointers -> better do a local parsing (not attached to the sip_msg) of the FROM HDR. This issue was leading to pkg leaking (of the parsed FROM hdr in the shm cloned sip_msg) or it a crash if using failure route from the local route. Note: this is specific to using tracer module from the local route. Closes #2728 (cherry picked from commit 4eabea8)
OpenSIPS · Oct 27, 2022 · 4dcb308 · 4dcb308
1 parent ced7b4c
commit 4dcb308
Showing 1 changed file with 39 additions and 12 deletions.
diff --git a/modules/tracer/tracer.c b/modules/tracer/tracer.c
@@ -1991,17 +1991,45 @@ static void trace_msg_out(struct sip_msg* msg, str  *sbuf,
 	static char toip_buff[IP_ADDR_MAX_STR_SIZE+12];
 	struct ip_addr to_ip;
 	trace_instance_p instance;
+	struct to_body from_b;
+	str from_tag;
+
+	if (msg->msg_flags&FL_SHM_CLONE) {
+		/* this is an in shm-mem cloned msg,
+		 * so do not do direct parsing on it ; keep in mind that the hdrs are
+		 * already parsed/found, so we may need to parse here only
+		 * their body/payload */
+		if (msg->from) {
+			if (get_from(msg)) {
+				from_tag = get_from(msg)->tag_value;
+			} else {
+				parse_to( msg->from->body.s,
+					msg->from->body.s+msg->from->body.len+1, &from_b);
+				if (from_b.error == PARSE_ERROR) {
+					from_tag.s = NULL;
+					from_tag.s = 0;
+				} else {
+					from_tag = from_b.tag_value;
+					free_to_params(&from_b);
+				}
+			}
+		} else {
+			from_tag.s = NULL;
+			from_tag.s = 0;
+		}
+	} else {
+		if(parse_from_header(msg)==-1||msg->from==NULL||get_from(msg)==NULL)
+		{
+			LM_ERR("cannot parse FROM header\n");
+			goto error;
+		}
+		from_tag = get_from(msg)->tag_value;
 
-	if(parse_from_header(msg)==-1 || msg->from==NULL || get_from(msg)==NULL)
-	{
-		LM_ERR("cannot parse FROM header\n");
-		goto error;
-	}
-
-	if(parse_headers(msg, HDR_CALLID_F, 0)!=0)
-	{
-		LM_ERR("cannot parse call-id\n");
-		return;
+		if(parse_headers(msg, HDR_CALLID_F, 0)!=0)
+		{
+			LM_ERR("cannot parse call-id\n");
+			return;
+		}
 	}
 
 	LM_DBG("trace msg out \n");
@@ -2075,8 +2103,7 @@ static void trace_msg_out(struct sip_msg* msg, str  *sbuf,
 
 	db_vals[11].val.string_val = "out";
 
-	db_vals[12].val.str_val.s = get_from(msg)->tag_value.s;
-	db_vals[12].val.str_val.len = get_from(msg)->tag_value.len;
+	db_vals[12].val.str_val = from_tag;
 
 	for (instance = info->instances; instance; instance = instance->next) {
 		if (save_siptrace(msg, db_keys,db_vals, instance, info->conn_id) < 0) {