This is merely a historical archive of years 2008-2021, before the migration to mailman3.
A maintained and still updated list archive can be found at https://lists.osmocom.org/hyperkitty/list/gerrit-log@lists.osmocom.org/.
pespin gerrit-no-reply at lists.osmocom.orgHello Jenkins Builder, laforge, fixeria, I'd like you to reexamine a change. Please visit https://gerrit.osmocom.org/c/osmo-pcu/+/24812 to look at the new patch set (#2). Change subject: pdch: Fix heap-use-after-free in pdch->ulc ...................................................................... pdch: Fix heap-use-after-free in pdch->ulc In existing previous code, pdch->ulc would be freed in gprs_rlcmac_pdch::free_resources() when it became disabled as per PCUIF info_ind (for instance, when a DYN TS is switched PDCH->SDCCH8). However, pdch->ulc was so far only allocated during pdch_init, which is only called during bts_alloc() time. Hence, after first info_ind disabling it, if it became again enabled (again by info_ind re-enabling it after SDCCH8 was not longer in use), the pdch->ulc would be used again but it would point to freed memory. Let's rearrange how/when resources are freed to make it more logical. With this patch, pdch internal resources are freed upon ->disable(), and re-allocated upon ->enable(). Change-Id: Id51f5f6a54ac9f24b784c17bc360ac38f5726fc7 --- M src/osmobts_sock.c M src/pcu_l1_if.cpp M src/pdch.cpp M src/pdch.h M tests/tbf/TbfTest.cpp M tests/ulc/PdchUlcTest.cpp 6 files changed, 36 insertions(+), 19 deletions(-) git pull ssh://gerrit.osmocom.org:29418/osmo-pcu refs/changes/12/24812/2 -- To view, visit https://gerrit.osmocom.org/c/osmo-pcu/+/24812 To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings Gerrit-Project: osmo-pcu Gerrit-Branch: master Gerrit-Change-Id: Id51f5f6a54ac9f24b784c17bc360ac38f5726fc7 Gerrit-Change-Number: 24812 Gerrit-PatchSet: 2 Gerrit-Owner: pespin <pespin at sysmocom.de> Gerrit-Reviewer: Jenkins Builder Gerrit-Reviewer: fixeria <vyanitskiy at sysmocom.de> Gerrit-Reviewer: laforge <laforge at osmocom.org> Gerrit-MessageType: newpatchset -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.osmocom.org/pipermail/gerrit-log/attachments/20210701/2af2e3b5/attachment.htm>