From cc2fb61a1639b5237d2271f2789cfbe951471d78 Mon Sep 17 00:00:00 2001
From: Harald Welte
Date: Thu, 14 Jun 2018 14:25:30 +0200
Subject: absi_rsl: Fix segfault in rsl_rx_conn_fail()
When we receive a RSL CONN FAIL IND, it may be that this happens before any RLL is established (and hence a lchan->conn exists), or after the RLLs have been shut down (and hence a lchan->conn doesn't exist anymore). So in this function, it is not legal to unconditionally dereference lchan->conn.
Change-Id: I6380f5d2cd9364560ce3947517c84247cf4af0d4
Closes: OS#3182
---
 src/osmo-bsc/abis_rsl.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/src/osmo-bsc/abis_rsl.c b/src/osmo-bsc/abis_rsl.c
index 60b836d31..add439069 100644
--- a/src/osmo-bsc/abis_rsl.c
+++ b/src/osmo-bsc/abis_rsl.c
@@ -1382,7 +1382,8 @@ static int rsl_rx_conn_fail(struct msgb *msg)
 LOGPC(DRSL, LOGL_NOTICE, "\n");
 rate_ctr_inc(&lchan->ts->trx->bts->bts_ctrs->ctr[BTS_CTR_CHAN_RF_FAIL]);
- osmo_fsm_inst_dispatch(lchan->conn->fi, GSCON_EV_RSL_CONN_FAIL, &cause);
+ if (lchan->conn)
+ osmo_fsm_inst_dispatch(lchan->conn->fi, GSCON_EV_RSL_CONN_FAIL, &cause);
 return 0;
 }
--
cgit v1.2.3
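Review bot: When `lchan->conn` is NULL, the new guard in front of `osmo_fsm_inst_dispatch()` drops the CONN FAIL indication silently: no FSM receives the event, and nothing in the visible lines logs or releases the lchan on that path. The indication is driven from the BTS side and previously crashed the BSC, so the no-conn case should be an explicit, observable branch, for example `else LOGP(DRSL, LOGL_NOTICE, "CONN FAIL without conn, not dispatching\n");`, together with whatever lchan release applies when no conn exists. Without that, a failed channel may stay allocated; this is inferred, since the release logic and the start of `rsl_rx_conn_fail()` lie outside the hunk. The return value of `osmo_fsm_inst_dispatch()` is also discarded and the function returns 0 unconditionally, so a rejected event is indistinguishable from a handled one.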