Change in osmo-ggsn[master]: libgtp: Fix ggsn crash if pdp alloc array is full (PDP_MAX)

1 Mar 2022


      Attention is currently required from: pespin, keith.
Hello Jenkins Builder, laforge, fixeria, keith,
I'd like you to reexamine a change. Please visit
https://gerrit.osmocom.org/c/osmo-ggsn/+/27351
to look at the new patch set (#2).
Change subject: libgtp: Fix ggsn crash if pdp alloc array is full (PDP_MAX)
......................................................................
libgtp: Fix ggsn crash if pdp alloc array is full (PDP_MAX)
osmo-ggsn crashes when concurrent pdp context num 1024 is created, due to
the gsn->pdpa array (of size PDP_MAX, 1024) being full.
The crash happens because return code of gtp_pdp_newpdp was not checked,
and hence a pointer "pdp" pointing to a temporary not-fully-allocated
object was being passed to gsn->cb_create_context_ind() callback.
Let's avoid crashing and instead reject the PDP context.
Related: OS#5469
Change-Id: I0d94ffad97eb4fef477d981bf285bf99740592a3
---
M gtp/gtp.c
1 file changed, 12 insertions(+), 1 deletion(-)
git pull ssh://gerrit.osmocom.org:29418/osmo-ggsn refs/changes/51/27351/2
-- 
To view, visit https://gerrit.osmocom.org/c/osmo-ggsn/+/27351
To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings

Gerrit-Project: osmo-ggsn
Gerrit-Branch: master
Gerrit-Change-Id: I0d94ffad97eb4fef477d981bf285bf99740592a3
Gerrit-Change-Number: 27351
Gerrit-PatchSet: 2
Gerrit-Owner: pespin pespin@sysmocom.de
Gerrit-Reviewer: Jenkins Builder
Gerrit-Reviewer: fixeria vyanitskiy@sysmocom.de
Gerrit-Reviewer: keith keith@rhizomatica.org
Gerrit-Reviewer: laforge laforge@osmocom.org
Gerrit-Attention: pespin pespin@sysmocom.de
Gerrit-Attention: keith keith@rhizomatica.org
Gerrit-MessageType: newpatchset

2025

2024

2023

2022

Change in osmo-ggsn[master]: libgtp: Fix ggsn crash if pdp alloc array is full (PDP_MAX)