abort report: SUBSCRIBE Expires 0

Eeri.Kask@xxxxxxxxxxxxxxxxxxxxx (Eeri Kask) · Tue, 22 Apr 2014 16:16:27 +0200

Hello,

pjasua (in pjsip-apps/src/pjsua/) of pjproject-2.2.1 can be remotely
terminated if it is sent a SUBSCRIBE request with "Expires: 0":

========8<========

15:44:05.983   pjsua_core.c  .RX 421 bytes Request msg
SUBSCRIBE/cseq=43179 (rdata0x102e30228) from UDP 192.168.2.200:5060:
SUBSCRIBE sip:192.168.2.100 SIP/2.0
Via: SIP/2.0/UDP
192.168.2.200:5060;rport;branch=z9hG4bKPjRG83qlJzdx8LVD7fhmvr8l8R7mUcI-R3
Max-Forwards: 70
From: <sip:192.168.2.200>;tag=qT2LP1vyz6Za5engkNNqTqYlVe9iRb4i
To: <sip:192.168.2.100>
Call-ID: 6lSl1IjyWdCdJETbmzT70aJ.u7YAFaeQ
CSeq: 43179 SUBSCRIBE
Contact: <sip:192.168.2.200:5060;ob>
Event: presence
Accept: application/pidf+xml
Expires: 0
Content-Length:  0


--end msg--
15:44:05.983   pjsua_pres.c  .Creating server subscription, using account 0
15:44:05.984   pjsua_core.c  ....TX 543 bytes Response msg
200/SUBSCRIBE/cseq=43179 (tdta0x102b6fa00) to UDP 192.168.2.200:5060:
SIP/2.0 200 OK
Via: SIP/2.0/UDP
192.168.2.200:5060;rport=5060;received=192.168.2.200;branch=z9hG4bKPjRG83qlJzdx8LVD7fhmvr8l8R7mUcI-R3
Call-ID: 6lSl1IjyWdCdJETbmzT70aJ.u7YAFaeQ
From: <sip:192.168.2.200>;tag=qT2LP1vyz6Za5engkNNqTqYlVe9iRb4i
To: <sip:192.168.2.100>;tag=sDPnLgO4YJsmh-qDr01IBEBSDtxZ.8ax
CSeq: 43179 SUBSCRIBE
Expires: 0
Contact: <sip:192.168.2.100:5060>
Allow: PRACK, INVITE, ACK, BYE, CANCEL, UPDATE, INFO, SUBSCRIBE, NOTIFY,
REFER, MESSAGE, OPTIONS
Supported: replaces, 100rel, timer, norefersub
Content-Length:  0


--end msg--
Assertion failed: (seconds > 0), function set_timer, file
../src/pjsip-simple/evsub.c, line 510.
Abort trap

========8<========

It correctly replies with 200-OK but fails to send the final NOTIFY.

The attached patch fixed it for me,

    Eeri Kask

-------------- next part --------------

--- ./pjsip/src/pjsip-simple/evsub.c.orig	2014-04-22 15:50:02.000000000 +0200
+++ ./pjsip/src/pjsip-simple/evsub.c	2014-04-22 15:50:42.000000000 +0200
@@ -507,10 +507,13 @@
     if (timer_id != TIMER_TYPE_NONE) {
 	pj_time_val timeout;
 
-	PJ_ASSERT_ON_FAIL(seconds > 0, return);
+	PJ_ASSERT_ON_FAIL(seconds >= 0, return);
 	PJ_ASSERT_ON_FAIL(timer_id>TIMER_TYPE_NONE && timer_id<TIMER_TYPE_MAX,
 			  return);
 
+	if (seconds == 0)
+	    seconds = 1;
+
 	timeout.sec = seconds;
 	timeout.msec = 0;
 	sub->timer.id = timer_id;





