diff options
authorPhilipp Maier <pmaier@sysmocom.de>2018-08-07 12:06:05 +0200
committerPhilipp Maier <pmaier@sysmocom.de>2018-08-07 12:06:36 +0200
commitc1a0f7a1f5db1177679c26554c19e72a943d9510 (patch)
parent1152362b515444bf236801a87917e9979d468e70 (diff)
sigtran: fix memleak in osmo_bsc_sigtran_send()
The function osmo_bsc_sigtran_send() checks if the MSC is ready by calling a_reset_conn_ready(). If it is not ready it returns with -EINVAL. The msg message buffer is not freed, so we leak memory in those edge cases. - Make sure msg is freed when MSC is not ready. - Add a comment that osmo_bsc_sigtran_send() takes ownership of msg Change-Id: Ib1ff1d20e960a356bcee276b7c1bf9c93283e7af
1 files changed, 2 insertions, 1 deletions
diff --git a/src/osmo-bsc/osmo_bsc_sigtran.c b/src/osmo-bsc/osmo_bsc_sigtran.c
index 449f1df03..19d481787 100644
--- a/src/osmo-bsc/osmo_bsc_sigtran.c
+++ b/src/osmo-bsc/osmo_bsc_sigtran.c
@@ -338,7 +338,7 @@ int osmo_bsc_sigtran_open_conn(struct gsm_subscriber_connection *conn, struct ms
return rc;
-/* Send data to MSC */
+/* Send data to MSC, the function will take ownership of *msg */
int osmo_bsc_sigtran_send(struct gsm_subscriber_connection *conn, struct msgb *msg)
struct osmo_ss7_instance *ss7;
@@ -370,6 +370,7 @@ int osmo_bsc_sigtran_send(struct gsm_subscriber_connection *conn, struct msgb *m
if (a_reset_conn_ready(msc->a.reset_fsm) == false) {
LOGP(DMSC, LOGL_ERROR, "MSC is not connected. Dropping.\n");
+ msgb_free(msg);
return -EINVAL;