[PATCH] osmo-sgsn[master]: gprs_gmm: segfault: gracefully handle failure to alloc context


Neels Hofmeyr gerrit-no-reply at lists.osmocom.org
Wed Dec 20 00:48:04 UTC 2017


Review at  https://gerrit.osmocom.org/5517

gprs_gmm: segfault: gracefully handle failure to alloc context

This counter allocation error I hit uncovers a segfault when allocating an MM
context fails in the GSM_MI_TYPE_TMSI case:

  DRANAP <001a> ../../../src/osmo-iuh/src/iu_client.c:509 handle_co_initial(dir=1, proc=19)
  DRANAP <001a> ../../../src/osmo-iuh/src/iu_client.c:229 RNC 23: new LAC 24358 RAC 22
  DMM <0002> ../../../../src/osmo-sgsn/src/gprs/gprs_gmm.c:1271 MM(---/ffffffff) -> GMM ATTACH REQUEST MI(3427325924) type="GPRS attach"
  DLGLOBAL <001d> ../../../src/libosmocore/src/rate_ctr.c:195 counter group 'sgsn:mmctx' already exists for index 0
  DMM <0002> ../../../../src/osmo-sgsn/src/gprs/gprs_sgsn.c:272 MM(/00000000) Cannot allocate counter group

  Program received signal SIGSEGV, Segmentation fault.
  gsm48_rx_gmm_att_req (llme=0x0, msg=0x555555886950, ctx=0x0) at ../../../../src/osmo-sgsn/src/gprs/gprs_gmm.c:1375
  1375				ctx->p_tmsi = tmsi;

Fix it with a bit of code already present for the GSM_MI_TYPE_IMSI case just
above the segfault.

Change-Id: I49aa95b610f2faec52dede2e4816da47ca1dfb14
---
M src/gprs/gprs_gmm.c
1 file changed, 4 insertions(+), 0 deletions(-)


  git pull ssh://gerrit.osmocom.org:29418/osmo-sgsn refs/changes/17/5517/1

diff --git a/src/gprs/gprs_gmm.c b/src/gprs/gprs_gmm.c
index 147e001..8441f6b 100644
--- a/src/gprs/gprs_gmm.c
+++ b/src/gprs/gprs_gmm.c
@@ -1372,6 +1372,10 @@
 				ctx = sgsn_mm_ctx_alloc_iu(msg->dst);
 			else
 				ctx = sgsn_mm_ctx_alloc_gb(msgb_tlli(msg), &ra_id);
+			if (!ctx) {
+				reject_cause = GMM_CAUSE_NET_FAIL;
+				goto rejected;
+			}
 			ctx->p_tmsi = tmsi;
 		}
 		if (ctx->ran_type == MM_CTX_T_GERAN_Gb) {
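
Review bot: The added `if (!ctx)` check covers only the allocation inside this block, while the trailing context line `if (ctx->ran_type == MM_CTX_T_GERAN_Gb)` dereferences `ctx` after the closing brace. Please confirm that no other path can reach that line with a NULL `ctx`. The commit message says the same reject code already exists for the GSM_MI_TYPE_IMSI case just above, so a single NULL check placed directly before `ctx->ran_type` is read would cover both cases and remove the duplication. The reject itself is silent in this function. A log line next to `reject_cause = GMM_CAUSE_NET_FAIL;` stating that MM context allocation failed would make the resulting attach reject easier to trace. The commit message could also say whether the underlying "counter group 'sgsn:mmctx' already exists for index 0" failure is handled in a separate change, since this patch only handles its consequence.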

-- 
To view, visit https://gerrit.osmocom.org/5517
To unsubscribe, visit https://gerrit.osmocom.org/settings

Gerrit-MessageType: newchange
Gerrit-Change-Id: I49aa95b610f2faec52dede2e4816da47ca1dfb14
Gerrit-PatchSet: 1
Gerrit-Project: osmo-sgsn
Gerrit-Branch: master
Gerrit-Owner: Neels Hofmeyr <nhofmeyr at sysmocom.de>


