fixeria has uploaded this change for review.

View Change

vgcs_fsm: fix NULL pointer dereference in vgcs_call_fsm_busy()

Change-Id: I14ad41bfa1ab3455a6a175cfb05341ca12c8d73e
Fixes: CID#322299
---
M src/osmo-bsc/vgcs_fsm.c
1 file changed, 13 insertions(+), 1 deletion(-)

git pull ssh://gerrit.osmocom.org:29418/osmo-bsc refs/changes/34/35334/1
diff --git a/src/osmo-bsc/vgcs_fsm.c b/src/osmo-bsc/vgcs_fsm.c
index 37473c5..1f2bbef 100644
--- a/src/osmo-bsc/vgcs_fsm.c
+++ b/src/osmo-bsc/vgcs_fsm.c
@@ -317,8 +317,10 @@
 		break;
 	case VGCS_EV_MSC_DTAP:
 		LOG_CALL(conn, LOGL_DEBUG, "MSC sends DTAP message to talker.\n");
-		if (!conn->vgcs_call.talker)
+		if (!conn->vgcs_call.talker) {
 			msgb_free(data);
+			break;
+		}
 		rc = osmo_fsm_inst_dispatch(conn->vgcs_call.talker->vgcs_chan.fi, VGCS_EV_MSC_DTAP, data);
 		if (rc < 0)
 			msgb_free(data);

To view, visit change 35334. To unsubscribe, or for help writing mail filters, visit settings.

Gerrit-Project: osmo-bsc
Gerrit-Branch: master
Gerrit-Change-Id: I14ad41bfa1ab3455a6a175cfb05341ca12c8d73e
Gerrit-Change-Number: 35334
Gerrit-PatchSet: 1
Gerrit-Owner: fixeria <vyanitskiy@sysmocom.de>
Gerrit-MessageType: newchange