aboutsummaryrefslogtreecommitdiffstats
path: root/src/libmsc/ran_peer.c
diff options
context:
space:
mode:
authorVadim Yanitskiy <axilirator@gmail.com>2019-05-10 02:44:57 +0700
committerVadim Yanitskiy <axilirator@gmail.com>2019-05-10 02:56:07 +0700
commit53d3e0e54a6d9fe4356c6076cb8d064fba3b4e87 (patch)
tree691b6b717e737737e91a96c52b85e406100f637d /src/libmsc/ran_peer.c
parentf839967f91939b8dc5fab3e09e9d524552f17dbb (diff)
libmsc/ran_peer.c: fix msgb memleak in ran_peer_rx_reset()
It was noticed that SCCP_RAN_MSG_RESET_ACK message is not freed after sending. Since ran_peer_rx_reset() calls sccp_ran_down_l2_cl(), which then calls osmo_sccp_user_sap_down_nofree(), which doesn't free the message buffer (what's clear from its name). OsmoMSC# show talloc-context application full filter msgb full talloc report on 'osmo_msc' (total 20155 bytes in 88 blocks) msgb contains 4640 bytes in 5 blocks (ref 0) bssmap: reset ack contains 1160 bytes in 1 blocks (ref 0) bssmap: reset ack contains 1160 bytes in 1 blocks (ref 0) bssmap: reset ack contains 1160 bytes in 1 blocks (ref 0) Let's free it after sending (or in case of error). Change-Id: Ic174f6eecd6254af597dfbdc1c9e3d65716f0a76
Diffstat (limited to 'src/libmsc/ran_peer.c')
-rw-r--r--src/libmsc/ran_peer.c4
1 files changed, 4 insertions, 0 deletions
diff --git a/src/libmsc/ran_peer.c b/src/libmsc/ran_peer.c
index ac2bb4f96..40040a2e3 100644
--- a/src/libmsc/ran_peer.c
+++ b/src/libmsc/ran_peer.c
@@ -140,11 +140,15 @@ static void ran_peer_rx_reset(struct ran_peer *rp)
if (sccp_ran_down_l2_cl(rp->sri, &rp->peer_addr, reset_ack)) {
LOG_RAN_PEER(rp, LOGL_ERROR, "Failed to send RESET ACKNOWLEDGE message\n");
ran_peer_state_chg(rp, RAN_PEER_ST_WAIT_RX_RESET);
+ msgb_free(reset_ack);
return;
}
LOG_RAN_PEER(rp, LOGL_INFO, "Sent RESET ACKNOWLEDGE\n");
+ /* sccp_ran_down_l2_cl() doesn't free msgb */
+ msgb_free(reset_ack);
+
ran_peer_state_chg(rp, RAN_PEER_ST_READY);
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-01 06:50:10 +0000