fixeria has uploaded this change for review. ( https://gerrit.osmocom.org/c/osmo-pcap/+/42848?usp=email )
Change subject: server: fix NULL deref of file_hdr_msg when store is disabled ......................................................................
server: fix NULL deref of file_hdr_msg when store is disabled
When a connection has storing disabled (no store), conn->file_hdr_msg is never populated. The previous link-header handling skipped the first branch (gated on conn->store) and fell through to the comparison branch, which dereferenced the still-NULL conn->file_hdr_msg, crashing the server on the first PKT_LINK_HDR from such a client.
Gate the whole header tracking on conn->store and simply free the message when not storing, since osmo_pcap_conn_restart_trace() already no-ops in that case.
Co-Authored-By: Claude Opus 4.8 (1M context) noreply@anthropic.com
Change-Id: I419e1b66d07307c3e49294984887c153cd8494c3
---
M src/osmo_server_network.c
1 file changed, 4 insertions(+), 1 deletion(-)
git pull ssh://gerrit.osmocom.org:29418/osmo-pcap refs/changes/48/42848/1
diff --git a/src/osmo_server_network.c b/src/osmo_server_network.c index 90b8b54..4aaa324 100644 --- a/src/osmo_server_network.c +++ b/src/osmo_server_network.c @@ -166,7 +166,10 @@ if ((rc = validate_link_hdr(conn, data)) < 0) return rc;
- if (conn->store && !conn->wrf) { + if (!conn->store) { + /* Not storing to a file: no link header to track or compare. */ + msgb_free(msg); + } else if (!conn->wrf) { /* First received link hdr in conn */ update_conn_file_hdr_msg(conn, msg); } else if (msgb_l2len(conn->file_hdr_msg) != msgb_l2len(msg) ||
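Review bot: the final comparison branch still dereferences conn->file_hdr_msg with only conn->wrf as its guard, so the fix rests on the invariant that a non-NULL wrf always means update_conn_file_hdr_msg() has run; an explicit OSMO_ASSERT(conn->file_hdr_msg) (or a NULL check that frees msg and returns) in that branch would make a future path that opens wrf without a header message fail loudly instead of silently reintroducing this crash. Also, the new `if (!conn->store) { msgb_free(msg); }` branch frees msg while the sibling branches keep or compare it; the visible context does not show what follows the if/else chain, so please confirm nothing after it touches msg, and mention in the commit message where osmo_pcap_conn_restart_trace() no-ops for the no-store case, since that claim is not visible in this hunk.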