<p>lynxis lazus has uploaded this change for <strong>review</strong>.</p><p><a href="https://gerrit.osmocom.org/c/libosmocore/+/24650">View Change</a></p><pre style="font-family: monospace,monospace; white-space: pre-wrap;">gprs_ns2: sgsn: free the NSE if the SIZE PDU is not valid<br><br>The SGSN fsm should be freed when becoming invalid instead of going<br>into the unconfigured state. The unconfigured states should be only used<br>when creating the NSE (on the SGSN side).<br><br>Change-Id: Ife889091ecba4180a90743deb786767008fe863d<br>---<br>M src/gb/gprs_ns2_sns.c<br>1 file changed, 14 insertions(+), 0 deletions(-)<br><br></pre><pre style="font-family: monospace,monospace; white-space: pre-wrap;">git pull ssh://gerrit.osmocom.org:29418/libosmocore refs/changes/50/24650/1</pre><pre style="font-family: monospace,monospace; white-space: pre-wrap;"><span>diff --git a/src/gb/gprs_ns2_sns.c b/src/gb/gprs_ns2_sns.c</span><br><span>index c2d5a96..78c0e26 100644</span><br><span>--- a/src/gb/gprs_ns2_sns.c</span><br><span>+++ b/src/gb/gprs_ns2_sns.c</span><br><span>@@ -2242,12 +2242,16 @@</span><br><span>                   !TLVP_PRES_LEN(tp, NS_IE_MAX_NR_NSVC, 2)) {</span><br><span>                      cause = NS_CAUSE_MISSING_ESSENT_IE;</span><br><span>                  ns2_tx_sns_size_ack(gss->sns_nsvc, &cause);</span><br><span style="color: hsl(120, 100%, 40%);">+                    if (fi->state == GPRS_SNS_ST_UNCONFIGURED)</span><br><span style="color: hsl(120, 100%, 40%);">+                         sns_failed(fi, "Rx Size: Missing Enssential IE");</span><br><span>                  break;</span><br><span>               }</span><br><span>            if (!TLVP_PRES_LEN(tp, NS_IE_IPv4_EP_NR, 2) &&</span><br><span>                   !TLVP_PRES_LEN(tp, NS_IE_IPv6_EP_NR, 2)) {</span><br><span>                       cause = NS_CAUSE_MISSING_ESSENT_IE;</span><br><span>                  ns2_tx_sns_size_ack(gss->sns_nsvc, &cause);</span><br><span style="color: hsl(120, 100%, 40%);">+                    if (fi->state == GPRS_SNS_ST_UNCONFIGURED)</span><br><span style="color: hsl(120, 100%, 40%);">+                         sns_failed(fi, "Rx Size: Missing Enssential IE");</span><br><span>                  break;</span><br><span>               }</span><br><span>            if (TLVP_PRES_LEN(tp, NS_IE_IPv4_EP_NR, 2))</span><br><span>@@ -2271,6 +2275,8 @@</span><br><span>                  else</span><br><span>                                 cause = NS_CAUSE_INVAL_NR_IPv6_EP;</span><br><span>                   ns2_tx_sns_size_ack(gss->sns_nsvc, &cause);</span><br><span style="color: hsl(120, 100%, 40%);">+                    if (fi->state == GPRS_SNS_ST_UNCONFIGURED)</span><br><span style="color: hsl(120, 100%, 40%);">+                         sns_failed(fi, "Rx Size: Invalid Nr of IPv4/IPv6 EPs");</span><br><span>                    break;</span><br><span>               }</span><br><span>            /* ensure number of NS-VCs is sufficient for full mesh */</span><br><span>@@ -2281,6 +2287,8 @@</span><br><span>                             num_remote_eps, num_local_eps * num_remote_eps, gss->num_max_nsvcs);</span><br><span>                     cause = NS_CAUSE_INVAL_NR_NS_VC;</span><br><span>                     ns2_tx_sns_size_ack(gss->sns_nsvc, &cause);</span><br><span style="color: hsl(120, 100%, 40%);">+                    if (fi->state == GPRS_SNS_ST_UNCONFIGURED)</span><br><span style="color: hsl(120, 100%, 40%);">+                         sns_failed(fi, NULL);</span><br><span>                        break;</span><br><span>               }</span><br><span>            /* perform state reset, if requested */</span><br><span>@@ -2305,6 +2313,12 @@</span><br><span>                     }</span><br><span>                    ns2_sns_compute_local_ep_from_binds(fi);</span><br><span>             }</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span style="color: hsl(120, 100%, 40%);">+           if (fi->state == GPRS_SNS_ST_UNCONFIGURED && !(flag & 1)) {</span><br><span style="color: hsl(120, 100%, 40%);">+                    sns_failed(fi, "Rx Size without Reset flag, but NSE is unknown");</span><br><span style="color: hsl(120, 100%, 40%);">+                   break;</span><br><span style="color: hsl(120, 100%, 40%);">+                }</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span>          /* send SIZE_ACK */</span><br><span>          ns2_tx_sns_size_ack(gss->sns_nsvc, NULL);</span><br><span>                 /* only wait for SNS-CONFIG in case of Reset flag */</span><br><span></span><br></pre><p>To view, visit <a href="https://gerrit.osmocom.org/c/libosmocore/+/24650">change 24650</a>. To unsubscribe, or for help writing mail filters, visit <a href="https://gerrit.osmocom.org/settings">settings</a>.</p><div itemscope itemtype="http://schema.org/EmailMessage"><div itemscope itemprop="action" itemtype="http://schema.org/ViewAction"><link itemprop="url" href="https://gerrit.osmocom.org/c/libosmocore/+/24650"/><meta itemprop="name" content="View Change"/></div></div>

<div style="display:none"> Gerrit-Project: libosmocore </div>
<div style="display:none"> Gerrit-Branch: master </div>
<div style="display:none"> Gerrit-Change-Id: Ife889091ecba4180a90743deb786767008fe863d </div>
<div style="display:none"> Gerrit-Change-Number: 24650 </div>
<div style="display:none"> Gerrit-PatchSet: 1 </div>
<div style="display:none"> Gerrit-Owner: lynxis lazus <lynxis@fe80.eu> </div>
<div style="display:none"> Gerrit-MessageType: newchange </div>