This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "Osmocom BTS-side code (Abis, scheduling, ...)". The branch, master has been updated via 14566e3ceda0b0f14d3ab4f41d41f5276125aa0c (commit) via bb8037b7eb497ea418142a321a268abae6dc271d (commit) via 8e202b595cb1ff6abc1e56f7db599f3307b8e14c (commit) via d8d402099f3a47d7b50fdab79a6c55d57937bfa7 (commit) via 6733906f62dae6f1a7f21c23627009e4060966fa (commit) from a73177b1909cbf7ec9a8dc7b5f1a9a3b44c59d01 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- http://cgit.osmocom.org/osmo-bts/commit/?id=14566e3ceda0b0f14d3ab4f41d41f52… commit 14566e3ceda0b0f14d3ab4f41d41f5276125aa0c Author: Harald Welte <laforge(a)gnumonks.org> Date: Mon Nov 6 03:46:24 2017 +0900 l1sap: fix wrong return value of is_fill_frame() When determining if a frame is a fill frame or not, the case statement only conditionally handled AGCH and PCH cases. In case a non-fill-frame was observed, the return value was uninitialized, resulting in some non-fill-frames to be missed from GMSTAP Change-Id: I7b46c720e34cb8ef9a91ae5da28a050439a1937d Closes: Coverity CID#174175 http://cgit.osmocom.org/osmo-bts/commit/?id=bb8037b7eb497ea418142a321a268ab… commit bb8037b7eb497ea418142a321a268abae6dc271d Author: Harald Welte <laforge(a)gnumonks.org> Date: Mon Nov 6 02:58:54 2017 +0900 trx: Don't assume phy_instance_by_num() returns non-NULL In trx_clk_read_cb(), when calling phy_instance_by_num(), that function might in error cases return a NULL phy-instance. Let's put an OSMO_ASSERT() there as safeguard to avoid NULL dereference when dereferencing pinst->trx->bts. Fixes: Coverity CID#178657 Change-Id: If6b6b45380368e9ee9e03ca1eb7ac56c21e72b03 http://cgit.osmocom.org/osmo-bts/commit/?id=8e202b595cb1ff6abc1e56f7db599f3… commit 8e202b595cb1ff6abc1e56f7db599f3307b8e14c Author: Harald Welte <laforge(a)gnumonks.org> Date: Mon Nov 6 02:56:41 2017 +0900 trx: Don't call osmo_fr_check_sid with negative 'rc' In rx_tchf_fn(), if gsm0503_tch_fr_decode() returns a negative result, we cannot use that result as length argument to osmo_fr_check_sid() Change-Id: Ic4080b5bf6c865be3333f923f19a2340e1e272c8 Fixes: Coverity CID#178659 http://cgit.osmocom.org/osmo-bts/commit/?id=d8d402099f3a47d7b50fdab79a6c55d… commit d8d402099f3a47d7b50fdab79a6c55d57937bfa7 Author: Harald Welte <laforge(a)gnumonks.org> Date: Mon Nov 6 02:54:36 2017 +0900 trx: Avoid NULL+1 dereference in trx_ctrl_read_cb() We unconditionally pass "p+1" into sscanf() despite not knowing if 'p' is NULL or not. Change-Id: I40a49c3feb3b55ef577eebd7d567afdbcfe0d624 Fixes: Coverity CID#178661 http://cgit.osmocom.org/osmo-bts/commit/?id=6733906f62dae6f1a7f21c23627009e… commit 6733906f62dae6f1a7f21c23627009e4060966fa Author: Harald Welte <laforge(a)gnumonks.org> Date: Mon Nov 6 02:50:21 2017 +0900 trx: Better be safe than sorry before calling strlen There's a lot of pointer arithmetic in trx_ctrl_read_cb which is not so nice. While I believe the current code is safe, Coverity raises "CID 178665: Insecure data handling (INTEGER_OVERFLOW)" regardin the use of rsp_len in the strcmp(). Let's put some OSMO_ASSERT() in front and hope that makes Coverity happy. Change-Id: I5a9b3307f83cdde7c8e9f66932446604f5623b05 ----------------------------------------------------------------------- Summary of changes: src/common/l1sap.c | 4 ++-- src/osmo-bts-trx/scheduler_trx.c | 3 ++- src/osmo-bts-trx/trx_if.c | 8 +++++++- 3 files changed, 11 insertions(+), 4 deletions(-) hooks/post-receive -- Osmocom BTS-side code (Abis, scheduling, ...)