laforge submitted this change.

View Change


Approvals: Jenkins Builder: Verified fixeria: Looks good to me, approved 
Fix potential NULL pointer dereferences, discovered by Coverity Scan

See: CID 323362 + CID 323363
Change-Id: I47aa506014d8bddb8c8ce9b506c1c5c7b8056d30
---
M src/host/layer23/src/mobile/gsm48_mm.c
1 file changed, 14 insertions(+), 0 deletions(-)

diff --git a/src/host/layer23/src/mobile/gsm48_mm.c b/src/host/layer23/src/mobile/gsm48_mm.c
index cec798b..810dfa7 100644
--- a/src/host/layer23/src/mobile/gsm48_mm.c
+++ b/src/host/layer23/src/mobile/gsm48_mm.c
@@ -3190,6 +3190,8 @@
 					     (msg_type & GSM48_MMXX_MASK),
 					     mmh->ref, mmh->transaction_id,
 					     sapi);
+		if (!nmsg)
+			return -ENOMEM;
 		nmmh = (struct gsm48_mmxx_hdr *)nmsg->data;
 		nmmh->cause = cause;
 		gsm48_mmxx_upmsg(ms, nmsg);
@@ -3410,6 +3412,8 @@
 				     (msg_type & GSM48_MMXX_MASK),
 				     mmh->ref, mmh->transaction_id,
 				     sapi);
+	if (!nmsg)
+		return -ENOMEM;
 	nmmh = (struct gsm48_mmxx_hdr *)nmsg->data;
 	nmmh->cause = 17;
 	gsm48_mmxx_upmsg(ms, nmsg);

To view, visit change 34608. To unsubscribe, or for help writing mail filters, visit settings.

Gerrit-Project: osmocom-bb
Gerrit-Branch: master
Gerrit-Change-Id: I47aa506014d8bddb8c8ce9b506c1c5c7b8056d30
Gerrit-Change-Number: 34608
Gerrit-PatchSet: 4
Gerrit-Owner: jolly <andreas@eversberg.eu>
Gerrit-Reviewer: Jenkins Builder
Gerrit-Reviewer: fixeria <vyanitskiy@sysmocom.de>
Gerrit-Reviewer: laforge <laforge@osmocom.org>
Gerrit-Reviewer: pespin <pespin@sysmocom.de>
Gerrit-MessageType: merged