From b84b71defa49a715d04d9776a5f0c7040103d6db Mon Sep 17 00:00:00 2001
From: Stefan Knoblich <s.knoblich@axsentis.de>
Date: Sun, 19 Dec 2010 21:09:50 +0100
Subject: [PATCH] FreeTDM: Stop using raw_data for
 FTDM_SIGEVENT_SIGSTATUS_CHANGED events.

The raw_data member is used for passing heap allocated data with an event,
(e.g. strings of dtmf data) the memory is freed after the event has been processed.

Recent changes in the event structure added a way to pass sig status changes inline,
so remove the raw_data usage for FTDM_SIGEVENT_SIGSTATUS_CHANGED events.

NOTE: This (finally) fixes a bug in ftmod_libpri that was caused by
      the event handling changes (stack corruption due to using free()
      on a variable on the stack, which turned into a NULL ptr deref
      caused by some compat code in ftdm_io.c:ftdm_span_send_signal().

Compiles and tested on my BRI setup, i did a quick audit of all
places that generate FTDM_SIGEVENT_SIGSTATUS_CHANGED events and
except for the sangoma_boost module there's nothing else that left
using raw_data for this event.

Signed-off-by: Stefan Knoblich <s.knoblich@axsentis.de>
---
 libs/freetdm/mod_freetdm/mod_freetdm.c                         | 2 +-
 libs/freetdm/src/ftdm_io.c                                     | 3 +--
 .../src/ftmod/ftmod_sangoma_boost/ftmod_sangoma_boost.c        | 2 +-
 3 files changed, 3 insertions(+), 4 deletions(-)

diff --git a/libs/freetdm/mod_freetdm/mod_freetdm.c b/libs/freetdm/mod_freetdm/mod_freetdm.c
index 7637932b79..80006f1ae5 100755
--- a/libs/freetdm/mod_freetdm/mod_freetdm.c
+++ b/libs/freetdm/mod_freetdm/mod_freetdm.c
@@ -2086,7 +2086,7 @@ static FIO_SIGNAL_CB_FUNCTION(on_r2_signal)
 
 		case FTDM_SIGEVENT_SIGSTATUS_CHANGED:
 		{
-			ftdm_signaling_status_t sigstatus = sigmsg->raw_data ? *((ftdm_signaling_status_t*)(sigmsg->raw_data)) : sigmsg->ev_data.sigstatus.status;
+			ftdm_signaling_status_t sigstatus = sigmsg->ev_data.sigstatus.status;
 			switch_log_printf(SWITCH_CHANNEL_LOG, SWITCH_LOG_INFO, "%d:%d signalling changed to: %s\n",
 					spanid, chanid, ftdm_signaling_status2str(sigstatus));
 		}
diff --git a/libs/freetdm/src/ftdm_io.c b/libs/freetdm/src/ftdm_io.c
index 94a01aa7ba..297c08e5ea 100644
--- a/libs/freetdm/src/ftdm_io.c
+++ b/libs/freetdm/src/ftdm_io.c
@@ -5403,8 +5403,7 @@ FT_DECLARE(ftdm_status_t) ftdm_span_send_signal(ftdm_span_t *span, ftdm_sigmsg_t
 
 	case FTDM_SIGEVENT_SIGSTATUS_CHANGED:
 		{
-			ftdm_signaling_status_t sigstatus = ftdm_test_flag(span, FTDM_SPAN_USE_SIGNALS_QUEUE) ? sigmsg->ev_data.sigstatus.status : *((ftdm_signaling_status_t*)(sigmsg->raw_data));
-			if (sigstatus == FTDM_SIG_STATE_UP) {
+			if (sigmsg->ev_data.sigstatus.status == FTDM_SIG_STATE_UP) {
 				ftdm_set_flag(sigmsg->channel, FTDM_CHANNEL_SIG_UP);
 			} else {
 				ftdm_clear_flag(sigmsg->channel, FTDM_CHANNEL_SIG_UP);
diff --git a/libs/freetdm/src/ftmod/ftmod_sangoma_boost/ftmod_sangoma_boost.c b/libs/freetdm/src/ftmod/ftmod_sangoma_boost/ftmod_sangoma_boost.c
index f59b3b8c4f..97e242dacb 100644
--- a/libs/freetdm/src/ftmod/ftmod_sangoma_boost/ftmod_sangoma_boost.c
+++ b/libs/freetdm/src/ftmod/ftmod_sangoma_boost/ftmod_sangoma_boost.c
@@ -2478,7 +2478,7 @@ static BOOST_SIG_STATUS_CB_FUNCTION(ftdm_boost_sig_status_change)
 	sig.span_id = ftdmchan->span_id;
 	sig.channel = ftdmchan;
 	sig.event_id = FTDM_SIGEVENT_SIGSTATUS_CHANGED;
-	sig.raw_data = &status;
+	sig.ev_data.sigstatus.status = status;
 	ftdm_span_send_signal(ftdmchan->span, &sig);
 	return;
 }