[PATCH] libosmocore[master]: Check for proper lapdm_datalink entity

This is merely a historical archive of years 2008-2021, before the migration to mailman3.

A maintained and still updated list archive can be found at https://lists.osmocom.org/hyperkitty/list/gerrit-log@lists.osmocom.org/.

Max gerrit-no-reply at lists.osmocom.org
Wed Mar 1 17:20:08 UTC 2017


Review at  https://gerrit.osmocom.org/1959

Check for proper lapdm_datalink entity

Previously lapdm_datalink->entity->mode was dereferenced without
checking if correct entity is present. This might lead to
segfault. Check it explicitly before dereferencing, log error and
gracefully return if necessary.

Change-Id: I0361e3731e86712b415a370cab1128d611988f56
Related: OS#1898
---
M src/gsm/lapdm.c
1 file changed, 8 insertions(+), 2 deletions(-)


  git pull ssh://gerrit.osmocom.org:29418/libosmocore refs/changes/59/1959/1

diff --git a/src/gsm/lapdm.c b/src/gsm/lapdm.c
index fa7769b..30a3f70 100644
--- a/src/gsm/lapdm.c
+++ b/src/gsm/lapdm.c
@@ -852,10 +852,16 @@
 	struct abis_rsl_rll_hdr *rllh = msgb_l2(msg);
 	uint8_t chan_nr = rllh->chan_nr;
 	uint8_t link_id = rllh->link_id;
-	int ui_bts = (le->mode == LAPDM_MODE_BTS && (link_id & 0x40));
 	uint8_t sapi = link_id & 7;
 	struct tlv_parsed tv;
-	int length;
+	int length, ui_bts;
+
+	if (!le) {
+		LOGP(DLLAPD, LOGL_ERROR, "lapdm_datalink without entity error\n");
+		msgb_free(msg);
+		return -EBADR;
+	}
+	ui_bts = (le->mode == LAPDM_MODE_BTS && (link_id & 0x40));
 
 	/* check if the layer3 message length exceeds N201 */
 

-- 
To view, visit https://gerrit.osmocom.org/1959
To unsubscribe, visit https://gerrit.osmocom.org/settings

Gerrit-MessageType: newchange
Gerrit-Change-Id: I0361e3731e86712b415a370cab1128d611988f56
Gerrit-PatchSet: 1
Gerrit-Project: libosmocore
Gerrit-Branch: master
Gerrit-Owner: Max <msuraev at sysmocom.de>



More information about the gerrit-log mailing list