Change in osmo-bsc-nat[master]: bsc_nat_fsm: initial msc <> bsc msg forwarding - gerrit-log

1 Feb 2022


      Attention is currently required from: pespin.
osmith has posted comments on this change. ( https://gerrit.osmocom.org/c/osmo-bsc-nat/+/27030 )
Change subject: bsc_nat_fsm: initial msc <> bsc msg forwarding
......................................................................
Patch Set 5:
(1 comment)
File src/osmo-bsc-nat/bsc_nat_fsm.c:
https://gerrit.osmocom.org/c/osmo-bsc-nat/+/27030/comment/645d50ef_cf58b721 
PS5, Line 142: 		oph->msg = NULL;
...
Why are you doing this?
So I can properly msgb_free(oph->msg) before return of this function, if it is not NULL.
...
Is msgb_free() called somewhere inside osmo_sccp_tx_unitdata_msg ?
Yes:
https://git.osmocom.org/libosmo-sccp/tree/src/sccp_helpers.c?id=5cac653a9864...
...
Did you check if oph pointer is actually allocated INSIDE the msg data? because then you are writing to already-freed memory. If that's the case, you should not use oph nor oph->msg anymore.
Thanks for pointing this out, indeed the callers of sccp_user_prim_up in libosmo-sccp allocate oph inside msg and as I understand, I should set oph = NULL to check later if msgb_free is needed. I'm not so familiar with internals of msgb, but now I understood that I don't even need to set l3h to l2h, I can just use msgb_pull_to_l2. Patch updated.
-- 
To view, visit https://gerrit.osmocom.org/c/osmo-bsc-nat/+/27030
To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings

Gerrit-Project: osmo-bsc-nat
Gerrit-Branch: master
Gerrit-Change-Id: I4af398bb433341a98f818822e6c3af28b6d9dacd
Gerrit-Change-Number: 27030
Gerrit-PatchSet: 5
Gerrit-Owner: osmith osmith@sysmocom.de
Gerrit-Reviewer: Jenkins Builder
Gerrit-CC: pespin pespin@sysmocom.de
Gerrit-Attention: pespin pespin@sysmocom.de
Gerrit-Comment-Date: Tue, 01 Feb 2022 10:58:32 +0000
Gerrit-HasComments: Yes
Gerrit-Has-Labels: No
Comment-In-Reply-To: pespin pespin@sysmocom.de
Gerrit-MessageType: comment