aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorHolger Hans Peter Freyther <zecke@selfish.org>2013-01-13 16:23:36 +0100
committerHolger Hans Peter Freyther <zecke@selfish.org>2013-01-13 17:30:00 +0100
commitba36bf4c5d78bb1469d259dfae958496d96ae48c (patch)
treea1c8a2fbe8f02f69c0d1724c1806ff07e58cbbf4
parent30a3d2f0fe75385384c604a94eedb1e83f515464 (diff)
sms: Avoid infinite CP-ERROR/CP-ACK loop with sms.
The issue can be reproduced by typing the following 9 or more times. OpenBSC> subscriber id 2 sms sender id 2 send bla For some unknown reason the phone sends us a CP-ERROR for a transaction identifier we have allocated and used but don't remember. Due the way we use the SMC/SMR we 'establish' the machine and this results in a CP-ACK being sent out. But the CP-ERROR is not having the content we want for an establish so we send out a RP-ERROR. This will result in a CP-ERROR because the phone does not know the transaction... Avoid the issue by checking the direction of the transaction. If we do not know the transaction and it is supposed to be allocated by us then just ignore it and do not create a new transaction.
-rw-r--r--openbsc/src/libmsc/gsm_04_11.c12
1 files changed, 12 insertions, 0 deletions
diff --git a/openbsc/src/libmsc/gsm_04_11.c b/openbsc/src/libmsc/gsm_04_11.c
index f22a7e15b..9e00bdac7 100644
--- a/openbsc/src/libmsc/gsm_04_11.c
+++ b/openbsc/src/libmsc/gsm_04_11.c
@@ -762,6 +762,18 @@ int gsm0411_rcv_sms(struct gsm_subscriber_connection *conn,
DEBUGP(DLSMS, "receiving data (trans_id=%x)\n", transaction_id);
trans = trans_find_by_id(conn->subscr, GSM48_PDISC_SMS,
transaction_id);
+
+ /*
+ * A transaction we created but don't know about?
+ */
+ if (!trans && (transaction_id & 0x8) == 0) {
+ LOGP(DLSMS, LOGL_ERROR, "trans_id=%x allocated by us but known "
+ "to us anymore. We are ignoring it, maybe a CP-ERROR "
+ "from a MS?\n",
+ transaction_id);
+ return -EINVAL;
+ }
+
if (!trans) {
DEBUGP(DLSMS, " -> (new transaction)\n");
trans = trans_alloc(conn->subscr, GSM48_PDISC_SMS,