Change in osmo-bts[master]: measurement: do not call msgb_l3len without checking - gerrit-log

6 Oct 2022

dexter has uploaded this change for review. ( https://gerrit.osmocom.org/c/osmo-bts/+/29651 )
Change subject: measurement: do not call msgb_l3len without checking
......................................................................
measurement: do not call msgb_l3len without checking
The function lchan_meas_handle_sacch() calls msgb_l3len without checking
if l3h is even populated. Lets add a check to be sure.
Change-Id: Ie5a9fe1ba880e68edb74f5f4ca559ac191330d4f
---
M src/common/measurement.c
1 file changed, 7 insertions(+), 1 deletion(-)
git pull ssh://gerrit.osmocom.org:29418/osmo-bts refs/changes/51/29651/1

diff --git a/src/common/measurement.c b/src/common/measurement.c
index 82a1cf4..bc7bbe5 100644
--- a/src/common/measurement.c
+++ b/src/common/measurement.c
@@ -916,6 +916,8 @@
    uint8_t ms_ta;
    int8_t ul_rssi;
    int16_t ul_ci_cb;
+	uint8_t *l3;
+	int l3_len;
if (msgb_l2len(msg) == GSM_MACBLOCK_LEN) {
    	/* Some brilliant engineer decided that the ordering of
@@ -945,7 +947,11 @@
    }
timing_offset = ms_to_valid(lchan) ? ms_to2rsl(lchan, ms_ta) : -1;
-	rc = rsl_tx_meas_res(lchan, msgb_l3(msg), msgb_l3len(msg), timing_offset);
+	l3 = msgb_l3(msg);
+	l3_len = 0;
+	if (l3)
+		l3_len = msgb_l3len(msg);
+	rc = rsl_tx_meas_res(lchan, l3, l3_len, timing_offset);
    if (rc == 0) /* Count successful transmissions */
    	lchan->meas.res_nr++;
-- 
To view, visit https://gerrit.osmocom.org/c/osmo-bts/+/29651
To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings

Gerrit-Project: osmo-bts
Gerrit-Branch: master
Gerrit-Change-Id: Ie5a9fe1ba880e68edb74f5f4ca559ac191330d4f
Gerrit-Change-Number: 29651
Gerrit-PatchSet: 1
Gerrit-Owner: dexter pmaier@sysmocom.de
Gerrit-MessageType: newchange



    