From b2a13e83dcb4958cccd5d314a1bb8bf25379cb51 Mon Sep 17 00:00:00 2001
From: Joshua Colp <jcolp@digium.com>
Date: Fri, 23 Aug 2013 13:58:08 +0000
Subject: [PATCH] Fix crash when answering after a transport error occurs.

If a response to an initial incoming INVITE results in a transport error
the INVITE transaction is removed from the INVITE session. Any attempts
to answer the INVITE session after this results in a crash as it requires
the INVITE transaction to exist. This change explicitly locks the dialog
and checks to ensure that the INVITE transaction exists before answering.

(closes issue AST-1203)
Reported by: John Bigelow


git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@397515 65c4cc65-6c06-0410-ace0-fbb531ad65f3
---
 channels/chan_pjsip.c | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/channels/chan_pjsip.c b/channels/chan_pjsip.c
index a9549ff310..df6e9a3859 100644
--- a/channels/chan_pjsip.c
+++ b/channels/chan_pjsip.c
@@ -637,11 +637,17 @@ static struct ast_channel *chan_pjsip_new(struct ast_sip_session *session, int s
 
 static int answer(void *data)
 {
-	pj_status_t status;
+	pj_status_t status = PJ_SUCCESS;
 	pjsip_tx_data *packet;
 	struct ast_sip_session *session = data;
 
-	if ((status = pjsip_inv_answer(session->inv_session, 200, NULL, NULL, &packet)) == PJ_SUCCESS) {
+	pjsip_dlg_inc_lock(session->inv_session->dlg);
+	if (session->inv_session->invite_tsx) {
+		status = pjsip_inv_answer(session->inv_session, 200, NULL, NULL, &packet);
+	}
+	pjsip_dlg_dec_lock(session->inv_session->dlg);
+
+	if (status == PJ_SUCCESS && packet) {
 		ast_sip_session_send_response(session, packet);
 	}
 
-- 
GitLab