author: Neels Hofmeyr <nhofmeyr@sysmocom.de> 2016-11-26 13:37:55 +0100
committer: Neels Hofmeyr <nhofmeyr@sysmocom.de> 2016-11-28 12:09:06 +0100
commit: eb52aad198323fd86fbffc3bab3be4e5d394b205
tree: 9709861e68a556a4ca9a3e0bd9e1b8c4fc5e1c3f /openbsc/src/gprs/gprs_gmm.c
parent: 143a274051338c1ae04981d5493818ccbb28841c
IuPS: properly update ra_id on GMM Attach Request

For new MM contexts, the ra_id was correctly obtained from the ue_ctx, but in case an MM ctx is re-used and the ra_id changed, the new ra_id was not copied to the MM context; instead, the ra_id was overwritten with uninitialized data.

Always initialize the local ra_id variable from the ue_ctx->ra_id for Iu connections; it is used further below to update the ctx->ra_id.

For the case of a brand new Iu MM ctx, the ctx->ra_id then gets initialized a second time. We could technically drop the init in sgsn_mm_ctx_alloc_iu(), but it doesn't hurt either way.

Fixes: CID#57936
Change-Id: Ia06458758362e76925690b1757d8ced95e9609e4
@@ -65,10 +65,7 @@
#include <openbsc/gprs_utils.h>
#include <openbsc/sgsn.h>
#include <openbsc/signal.h>
-#ifdef BUILD_IU
#include <openbsc/iu.h>
#include <pdp.h>
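Review bot: the commit message explains the ra_id fix but says nothing about dropping the `#ifdef BUILD_IU` guard ahead of `#include <openbsc/iu.h>` in this hunk. If the guard goes because the Attach Request handler now refers to `struct ue_conn_ctx` outside any BUILD_IU conditional, please state that in the message and confirm that a build without BUILD_IU still compiles with the header included unconditionally.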
@@ -1076,7 +1073,8 @@ static int gsm48_rx_gmm_att_req(struct sgsn_mm_ctx *ctx, struct msgb *msg,
if (!msg->dst) {
/* Gb mode */
cid = bssgp_parse_cell_id(&ra_id, msgb_bcid(msg));
- }
+ } else
+ ra_id = ((struct ue_conn_ctx*)msg->dst)->ra_id;
/* MS network capability */
msnc_len = *cur++;
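Review bot: `cid` is still assigned only in the Gb branch (`cid = bssgp_parse_cell_id(&ra_id, msgb_bcid(msg));`), so on the Iu path it gets no value from this code, which is the same class of problem this change fixes for ra_id. Please confirm it is initialized at its declaration or never read for Iu connections. On style, the new `} else` leaves its single statement unbraced next to a braced if; bracing both branches and adding an `/* Iu mode */` comment to mirror `/* Gb mode */` would keep a later second statement from silently landing outside the else and would document that a non-NULL msg->dst is what justifies the cast to `struct ue_conn_ctx*`.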