From 20838941240536b52e24e47ce99ad6c2175dba1a Mon Sep 17 00:00:00 2001 From: Yuwei Huang Date: Tue, 9 May 2023 16:01:33 -0700 Subject: [PATCH] Fix bug of messages being delivered before data channel is open If the caller calls RegisterObserver() on the network thread while the state is not kOpen but there are queued received data, those received data will be immediately delivered to the observer before the state is transitioned to kOpen, which may break the observer's assertions and cause problems. The problem turns out to be that, when SctpDataChannel::RegisterObserver calls DeliverQueuedReceivedData(), the data will be passed to the observer without checking the |state_| first, meanwhile SctpDataChannel::UpdateState does effectively check the state and null-check |observer_| before delivering the received data. This CL fixes this by simply making DeliverQueuedReceivedData() also check `state_ == kOpen`. In case the state transitions to kOpen after RegisterObserver() is called, the first DeliverQueuedReceivedData() call will be no-op, while the second DeliverQueuedReceivedData() call will do the work. Bug: chromium:1442696 Change-Id: If25ce6a038d704939b1a8ae73d7ced110448b050 Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/304687 Reviewed-by: Tomas Gunnarsson Commit-Queue: Tomas Gunnarsson Cr-Commit-Position: refs/heads/main@{#40036} --- pc/sctp_data_channel.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pc/sctp_data_channel.cc b/pc/sctp_data_channel.cc index e024c60970..a17008fb3f 100644 --- a/pc/sctp_data_channel.cc +++ b/pc/sctp_data_channel.cc @@ -848,7 +848,7 @@ void SctpDataChannel::SetState(DataState state) { // RTC_RUN_ON(network_thread_). void SctpDataChannel::DeliverQueuedReceivedData() { - if (!observer_) { + if (!observer_ || state_ != kOpen) { return; }