This is merely a historical archive of years 2008-2021, before the migration to mailman3.
A maintained and still updated list archive can be found at https://lists.osmocom.org/hyperkitty/list/gerrit-log@lists.osmocom.org/.
dexter gerrit-no-reply at lists.osmocom.orgdexter has uploaded this change for review. ( https://gerrit.osmocom.org/10334 Change subject: GSCON: fix segfault after gscon timout ...................................................................... GSCON: fix segfault after gscon timout The gscon timeout callback function gscon_timer_cb() may call a_reset_conn_fail(). When doing so it dereferences conn->sccp.msc. However, there may be situations where sccp.msc is not populated. This is the case when the subscriber connection is just created but no SCCP connection is present yet. For example, When the connection between BSC and MSC is down, then we never get an SCCP connection and the timeout function executes. Then the call to a_reset_conn_fail() leads into a null pointer dereference. - Check if conn->sccp.msc is populated before calling a_reset_conn_fail() Change-Id: I0802aaadf0af4e58e41c98999e8c6823838adb61 Related: OS#3447 --- M src/osmo-bsc/bsc_subscr_conn_fsm.c 1 file changed, 2 insertions(+), 1 deletion(-) git pull ssh://gerrit.osmocom.org:29418/osmo-bsc refs/changes/34/10334/1 diff --git a/src/osmo-bsc/bsc_subscr_conn_fsm.c b/src/osmo-bsc/bsc_subscr_conn_fsm.c index bc7539b..20cd53a 100644 --- a/src/osmo-bsc/bsc_subscr_conn_fsm.c +++ b/src/osmo-bsc/bsc_subscr_conn_fsm.c @@ -784,7 +784,8 @@ * disconnected. */ LOGPFSML(fi, LOGL_ERROR, "Long after a BSSMAP Clear Command, the conn is still not" " released. For sanity, discarding this conn now.\n"); - a_reset_conn_fail(conn->sccp.msc->a.reset_fsm); + if (conn->sccp.msc) + a_reset_conn_fail(conn->sccp.msc->a.reset_fsm); osmo_fsm_inst_term(fi, OSMO_FSM_TERM_ERROR, NULL); break; default: -- To view, visit https://gerrit.osmocom.org/10334 To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings Gerrit-Project: osmo-bsc Gerrit-Branch: master Gerrit-MessageType: newchange Gerrit-Change-Id: I0802aaadf0af4e58e41c98999e8c6823838adb61 Gerrit-Change-Number: 10334 Gerrit-PatchSet: 1 Gerrit-Owner: dexter <pmaier at sysmocom.de> -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.osmocom.org/pipermail/gerrit-log/attachments/20180803/1a0d6215/attachment.htm>