Fix sctp crash

.travis.yml

@@ -101,10 +101,10 @@ matrix:
     - name: "Linux GCC 4.4 Build"
       os: linux
       before_install:
-              - sudo add-apt-repository -y ppa:ubuntu-toolchain-r/test
-              - sudo apt-get -q update
-              - sudo apt-get -y install gcc-4.4
-              - sudo apt-get -y install gdb
+        - sudo add-apt-repository -y ppa:ubuntu-toolchain-r/test
+        - sudo apt-get -q update
+        - sudo apt-get -y install gcc-4.4
+        - sudo apt-get -y install gdb
       compiler: gcc
       before_script: export CC=gcc-4.4 && mkdir build && cd build && cmake .. -DBUILD_TEST=TRUE
 

src/source/Sctp/Sctp.c

@@ -1,6 +1,8 @@
 #define LOG_CLASS "SCTP"
 #include "../Include_i.h"
 
+static volatile PSctpSessionControl pSctpSessionControl = NULL;
+
 STATUS initSctpAddrConn(PSctpSession pSctpSession, struct sockaddr_conn *sconn)
 {
     ENTERS();
@@ -63,15 +65,33 @@ STATUS initSctpSession()
     // Disable Explicit Congestion Notification
     usrsctp_sysctl_set_sctp_ecn_enable(0);
 
+    pSctpSessionControl = MEMALLOC(SIZEOF(SctpSessionControl));
+    pSctpSessionControl->lock = MUTEX_CREATE(FALSE);
+    CHK_STATUS(hashTableCreate(&pSctpSessionControl->activeSctpSessions));
+
+CleanUp:
+
     return retStatus;
 }
 
 VOID deinitSctpSession()
 {
+    if (pSctpSessionControl != NULL) {
+        MUTEX_LOCK(pSctpSessionControl->lock);
+        hashTableClear(pSctpSessionControl->activeSctpSessions);
+        MUTEX_UNLOCK(pSctpSessionControl->lock);
+    }
+
     // need to block until usrsctp_finish or sctp thread could be calling free objects and cause segfault
     while (usrsctp_finish() != 0) {
         THREAD_SLEEP(DEFAULT_USRSCTP_TEARDOWN_POLLING_INTERVAL);
     }
+
+    if (pSctpSessionControl != NULL) {
+        MUTEX_FREE(pSctpSessionControl->lock);
+        hashTableFree(pSctpSessionControl->activeSctpSessions);
+        SAFE_MEMFREE(pSctpSessionControl);
+    }
 }
 
 STATUS createSctpSession(PSctpSessionCallbacks pSctpSessionCallbacks, PSctpSession* ppSctpSession)
@@ -92,7 +112,12 @@ STATUS createSctpSession(PSctpSessionCallbacks pSctpSessionCallbacks, PSctpSessi
     MEMSET(&localConn, 0x00, SIZEOF(struct sockaddr_conn));
     MEMSET(&remoteConn, 0x00, SIZEOF(struct sockaddr_conn));
 
-    ATOMIC_STORE(&pSctpSession->shutdownStatus, SCTP_SESSION_ACTIVE);
+    // use timestamp as key
+    pSctpSession->key = GETTIME();
+    MUTEX_LOCK(pSctpSessionControl->lock);
+    CHK_STATUS(hashTableUpsert(pSctpSessionControl->activeSctpSessions, pSctpSession->key, (UINT64) pSctpSession));
+    MUTEX_UNLOCK(pSctpSessionControl->lock);
+
     pSctpSession->sctpSessionCallbacks = *pSctpSessionCallbacks;
 
     CHK_STATUS(initSctpAddrConn(pSctpSession, &localConn));
@@ -107,12 +132,11 @@ STATUS createSctpSession(PSctpSessionCallbacks pSctpSessionCallbacks, PSctpSessi
     connectStatus = usrsctp_connect(pSctpSession->socket, (struct sockaddr*) &remoteConn, SIZEOF(remoteConn));
     CHK(connectStatus >= 0 || errno == EINPROGRESS, STATUS_SCTP_SESSION_SETUP_FAILED);
 
-    memcpy(&params.spp_address, &remoteConn, SIZEOF(remoteConn));
+    MEMCPY(&params.spp_address, &remoteConn, SIZEOF(remoteConn));
     params.spp_flags = SPP_PMTUD_DISABLE;
     params.spp_pathmtu = SCTP_MTU;
     CHK(usrsctp_setsockopt(pSctpSession->socket, IPPROTO_SCTP, SCTP_PEER_ADDR_PARAMS, &params, SIZEOF(params)) == 0, STATUS_SCTP_SESSION_SETUP_FAILED);
 
-
 CleanUp:
     if (STATUS_FAILED(retStatus)) {
         freeSctpSession(&pSctpSession);
@@ -129,7 +153,6 @@ STATUS freeSctpSession(PSctpSession* ppSctpSession)
     ENTERS();
     STATUS retStatus = STATUS_SUCCESS;
     PSctpSession pSctpSession;
-    UINT64 shutdownTimeout;
 
     CHK(ppSctpSession != NULL, STATUS_NULL_ARG);
 
@@ -138,20 +161,17 @@ STATUS freeSctpSession(PSctpSession* ppSctpSession)
     CHK(pSctpSession != NULL, retStatus);
 
     usrsctp_deregister_address(pSctpSession);
-    /* handle issue mentioned here: https://github.com/sctplab/usrsctp/issues/147
-     * the change in shutdownStatus will trigger onSctpOutboundPacket to return -1 */
-    ATOMIC_STORE(&pSctpSession->shutdownStatus, SCTP_SESSION_SHUTDOWN_INITIATED);
 
     if (pSctpSession->socket != NULL) {
         usrsctp_set_ulpinfo(pSctpSession->socket, NULL);
         usrsctp_shutdown (pSctpSession->socket, SHUT_RDWR);
         usrsctp_close(pSctpSession->socket);
+        pSctpSession->socket = NULL;
     }
 
-    shutdownTimeout = GETTIME() + DEFAULT_SCTP_SHUTDOWN_TIMEOUT;
-    while(ATOMIC_LOAD(&pSctpSession->shutdownStatus) != SCTP_SESSION_SHUTDOWN_COMPLETED && GETTIME() < shutdownTimeout) {
-        THREAD_SLEEP(DEFAULT_USRSCTP_TEARDOWN_POLLING_INTERVAL);
-    }
+    MUTEX_LOCK(pSctpSessionControl->lock);
+    hashTableRemove(pSctpSessionControl->activeSctpSessions, pSctpSession->key);
+    MUTEX_UNLOCK(pSctpSessionControl->lock);
 
     SAFE_MEMFREE(*ppSctpSession);
 
@@ -219,19 +239,25 @@ INT32 onSctpOutboundPacket(PVOID addr, PVOID data, ULONG length, UINT8 tos, UINT
 {
     UNUSED_PARAM(tos);
     UNUSED_PARAM(set_df);
-
+    BOOL containKey;
     PSctpSession pSctpSession = (PSctpSession) addr;
 
-    if (pSctpSession == NULL || ATOMIC_LOAD(&pSctpSession->shutdownStatus) == SCTP_SESSION_SHUTDOWN_INITIATED ||
-            pSctpSession->sctpSessionCallbacks.outboundPacketFunc == NULL) {
-        if (pSctpSession != NULL) {
-            ATOMIC_STORE(&pSctpSession->shutdownStatus, SCTP_SESSION_SHUTDOWN_COMPLETED);
-        }
+    if (pSctpSession == NULL || pSctpSession->sctpSessionCallbacks.outboundPacketFunc == NULL) {
         return -1;
     }
 
-    pSctpSession->sctpSessionCallbacks.outboundPacketFunc(pSctpSession->sctpSessionCallbacks.customData, data, length);
+    MUTEX_LOCK(pSctpSessionControl->lock);
+    hashTableContains(pSctpSessionControl->activeSctpSessions, pSctpSession->key, &containKey);
+    MUTEX_UNLOCK(pSctpSessionControl->lock);
+
+    /* If the key is not in activeSctpSessions, then the session must have been freed. Thus do not call callback.
+     * Fixes issue stated here: https://github.com/sctplab/usrsctp/issues/147.
+     * (return -1 otherwise usrsctp_finish() won't finish) */
+    if (!containKey) {
+        return 0;
+    }
 
+    pSctpSession->sctpSessionCallbacks.outboundPacketFunc(pSctpSession->sctpSessionCallbacks.customData, data, length);
     return 0;
 }
 

src/source/Sctp/Sctp.h

@@ -16,12 +16,6 @@ extern "C" {
 #define SCTP_ASSOCIATION_DEFAULT_PORT 5000
 #define SCTP_DCEP_HEADER_LENGTH 12
 
-#define SCTP_SESSION_ACTIVE                     0
-#define SCTP_SESSION_SHUTDOWN_INITIATED         1
-#define SCTP_SESSION_SHUTDOWN_COMPLETED         2
-
-#define DEFAULT_SCTP_SHUTDOWN_TIMEOUT           2 * HUNDREDS_OF_NANOS_IN_A_SECOND
-
 #define DEFAULT_USRSCTP_TEARDOWN_POLLING_INTERVAL           (10 * HUNDREDS_OF_NANOS_IN_A_MILLISECOND)
 
 enum {
@@ -59,11 +53,21 @@ typedef struct {
 } SctpSessionCallbacks, *PSctpSessionCallbacks;
 
 typedef struct {
-    volatile SIZE_T shutdownStatus;
     struct socket *socket;
     SctpSessionCallbacks sctpSessionCallbacks;
+    UINT64 key;
 } SctpSession, *PSctpSession;
 
+typedef struct {
+    /* Protect activeSctpSessions access */
+    MUTEX lock;
+
+    /* This hash table is used as a set. When sctpSession get created it will be assigned with a key
+     * and the key is inserted into the table. When sctpSession is freed, its key is removed from
+     * the table. */
+    PHashTable activeSctpSessions;
+} SctpSessionControl, *PSctpSessionControl;
+
 STATUS initSctpSession();
 VOID deinitSctpSession();
 STATUS createSctpSession(PSctpSessionCallbacks, PSctpSession*);