diff options
authorPhilipp Maier <pmaier@sysmocom.de>2019-01-08 13:04:41 +0100
committerPhilipp Maier <pmaier@sysmocom.de>2019-01-14 09:06:52 +0100
commitf3ba4d7bd29ac63f209c7f6ebbe25eb587e0a1a2 (patch)
parentcf4a49b7b08d94e0de678d57aa7c0b14df38f9d6 (diff)
paging: fix nullpointer deref
In theroy the function T_def_get_entry() may return a nullpointer. In this case we would run straight into a nullpointer dereference problem. However, the requested timer is statically defined and should always be there. However Coverity still reports this as a problem. Lets put an OSMO_ASSERT to make clear that there is no problem here. Fixes: CID#190403 Change-Id: If5238132d9d5a1507b9955a0b2dc4b1bced220e8
1 files changed, 5 insertions, 0 deletions
diff --git a/src/osmo-bsc/paging.c b/src/osmo-bsc/paging.c
index 2c9d5cd2c..066db1c62 100644
--- a/src/osmo-bsc/paging.c
+++ b/src/osmo-bsc/paging.c
@@ -296,6 +296,11 @@ static unsigned int calculate_timer_3113(struct gsm_bts *bts)
unsigned int to_us, to;
struct T_def *d = T_def_get_entry(bts->network->T_defs, 3113);
+ /* Note: d should always contain a valid pointer since all timers,
+ * including 3113 are statically pre-defined in
+ * struct T_def gsm_network_T_defs. */
if (!bts->T3113_dynamic)
return d->val;