From e1b3bb1629c9259ed4e1dd4eb16a06ca49a9600f Mon Sep 17 00:00:00 2001
From: Benoit Bolsee <benoit.bolsee@wtl.be>
Date: Wed, 5 Jul 2017 12:34:18 +0200
Subject: transaction: reject calls from unidentified subscribers

A valid subscriber is indespensible when allocating a new
transaction. Return NULL if no subscriber is supplied. This
will cause unidentified subscribers to be rejected.

Note: Under normal conditions, the problem does not occour,
but it is still possible that a misbehaving MS might trigger
the problem by sending a SETUP command before authenticating
the subscriber. (unencrypted networks)

Change-Id: Ia8739b6e329ab02c0064270d02ad1d6ee245520d
---
 openbsc/src/libmsc/transaction.c | 7 +++++++
 1 file changed, 7 insertions(+)

(limited to 'openbsc/src/libmsc')

diff --git a/openbsc/src/libmsc/transaction.c b/openbsc/src/libmsc/transaction.c
index dba4bed17..4b46e22ae 100644
--- a/openbsc/src/libmsc/transaction.c
+++ b/openbsc/src/libmsc/transaction.c
@@ -70,6 +70,13 @@ struct gsm_trans *trans_alloc(struct gsm_network *net,
 
 	DEBUGP(DCC, "subscr=%p, net=%p\n", subscr, net);
 
+	/* a valid subscriber is indispensable */
+	if (subscr == NULL) {
+		LOGP(DCC, LOGL_NOTICE,
+		     "unable to alloc transaction, invalid subscriber (NULL)\n");
+		return NULL;
+	}
+
 	trans = talloc_zero(tall_trans_ctx, struct gsm_trans);
 	if (!trans)
 		return NULL;
-- 
cgit v1.2.3