osmo-bts.git branch master updated. 0.7.0-61-g40c05f0

gitosis at osmocom.org gitosis at osmocom.org
Fri Jan 26 18:21:21 UTC 2018


This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "Osmocom BTS-side code (Abis, scheduling, ...)".

The branch, master has been updated
       via  40c05f07f49721e3ec89f6cd4a21a187a41336ef (commit)
       via  7d62629ca2a8e0b467d650bc4fed3c66178d7171 (commit)
      from  75d0fcdfcd4dec0e3d11127a7982014b5d3bf660 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
http://cgit.osmocom.org/osmo-bts/commit/?id=40c05f07f49721e3ec89f6cd4a21a187a41336ef

commit 40c05f07f49721e3ec89f6cd4a21a187a41336ef
Author: Philipp Maier <pmaier at sysmocom.de>
Date:   Thu Jan 25 19:00:34 2018 +0100

    fix nullpointer deref in rsl_tx_mode_modif_nack()
    
    The function rsl_tx_mode_modif_nack() uses abis_bts_rsl_sendmsg().
    This function relys on msg->trx to be set (see abis.c). However,
    rsl_tx_mode_modif_nack() creates the message buffer, but does
    not set msg->trx.
    
    - Make sure that msg->trx is set properly
    
    Change-Id: Ib5990db11df1b25dc5d321193731426b11f8005a

http://cgit.osmocom.org/osmo-bts/commit/?id=7d62629ca2a8e0b467d650bc4fed3c66178d7171

commit 7d62629ca2a8e0b467d650bc4fed3c66178d7171
Author: Philipp Maier <pmaier at sysmocom.de>
Date:   Fri Jan 26 10:23:20 2018 +0100

    rsl: fix double-free in rsl_rx_mode_modif()
    
    When the RSL_IE_CHAN_MODE is is missing, then the message buffer
    is freed and the channel mode modify is nacked using
    return rsl_tx_mode_modif_nack()
    
    The function rsl_tx_mode_modif_nack uses abis_bts_rsl_sendmsg()
    which returns 0 on success. This eventually leads into a double-
    free in rsl_rx_dchan() which frees the message buffer on all
    return codes except 1.
    
    - Remove the excess msgb_free() in the error handling path.
    
    Change-Id: I946a927ba35aa115520b1248eefccd91832f69f6

-----------------------------------------------------------------------

Summary of changes:
 src/common/rsl.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)


hooks/post-receive
-- 
Osmocom BTS-side code (Abis, scheduling, ...)


More information about the osmocom-commitlog mailing list