In case we have access to the context verify that the selected msgb_tlli is either the old_tlli or the tlli. It is wrong to use any other TLLI. --- openbsc/src/gprs/gprs_llc.c | 4 ++++ 1 file changed, 4 insertions(+)
diff --git a/openbsc/src/gprs/gprs_llc.c b/openbsc/src/gprs/gprs_llc.c index 57e557a..c3bd9d2 100644 --- a/openbsc/src/gprs/gprs_llc.c +++ b/openbsc/src/gprs/gprs_llc.c @@ -52,6 +52,10 @@ static int _bssgp_tx_dl_ud(struct msgb *msg, struct sgsn_mm_ctx *mmctx) dup.drx_parms = mmctx->drx_parms; dup.ms_ra_cap.len = mmctx->ms_radio_access_capa.len; dup.ms_ra_cap.v = mmctx->ms_radio_access_capa.buf; + + /* make sure we only send it to the right llme */ + OSMO_ASSERT(msgb_tlli(msg) == mmctx->llme->tlli + || msgb_tlli(msg) == mmctx->llme->old_tlli); } memcpy(&dup.qos_profile, qos_profile_default, sizeof(qos_profile_default));