fixeria has uploaded this change for review. ( https://gerrit.osmocom.org/c/osmo-bts/+/38749?usp=email ) Change subject: l1sap: l1sap_tch_rts_ind(): fix NULL ptr dereference ...................................................................... l1sap: l1sap_tch_rts_ind(): fix NULL ptr dereference The 'resp_msg' will be NULL if msgb_dequeue_count() returns NULL, i.e. in the case of Downlink queue underrun. We need to handle this gracefully and check 'resp_msg' before dereferencing it. Change-Id: I4e1ea1d1ded2ffb3a07cc06f8b9b5dd922d32ec6 Fixes: 0a34af153 ("CSD NT modes: transmit properly aligned RLP frames on DL") --- M src/common/l1sap.c 1 file changed, 5 insertions(+), 2 deletions(-) git pull ssh://gerrit.osmocom.org:29418/osmo-bts refs/changes/49/38749/1 diff --git a/src/common/l1sap.c b/src/common/l1sap.c index dc83e77..18d7d93 100644 --- a/src/common/l1sap.c +++ b/src/common/l1sap.c @@ -1789,8 +1789,11 @@ tchf96_nt_dl_alignment(lchan, resp_msg, fn); break; case GSM48_CMODE_DATA_14k5: - gsmtap_csd_rlp_dl(lchan, fn, msgb_l2(resp_msg), - msgb_l2len(resp_msg)); + if (resp_msg != NULL) { + gsmtap_csd_rlp_dl(lchan, fn, + msgb_l2(resp_msg), + msgb_l2len(resp_msg)); + } break; default: LOGPLCGT(lchan, &g_time, DL1P, LOGL_ERROR, -- To view, visit https://gerrit.osmocom.org/c/osmo-bts/+/38749?usp=email To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings?usp=email Gerrit-MessageType: newchange Gerrit-Project: osmo-bts Gerrit-Branch: master Gerrit-Change-Id: I4e1ea1d1ded2ffb3a07cc06f8b9b5dd922d32ec6 Gerrit-Change-Number: 38749 Gerrit-PatchSet: 1 Gerrit-Owner: fixeria <vyanitskiy(a)sysmocom.de>