diff options
author | Pau Espin Pedrol <pespin@sysmocom.de> | 2018-06-08 12:37:46 +0200 |
---|---|---|
committer | Pau Espin Pedrol <pespin@sysmocom.de> | 2018-06-08 12:37:48 +0200 |
commit | 9612004c0794cf1d606814e962be0e3a85c143c4 (patch) | |
tree | 26e0815b0128541ef902f2bf47ed3624fc236bda | |
parent | 3b55a5bc77a76881fe976bcf9f1e6b4937502428 (diff) |
bsc-nat: ipaccess_auth_bsc: Close bsc conn immediately on bad format received
This commit changes behaviour to a (imho) better logic and is a
preparation for follow-up commits to avoid heap-use-after-free error
when closing the bsc connection.
Previously, authentication would still not be accepted but the
connection would be staying alive for a while until id_timeout timer
triggers. Let's close the connection immediately instead, this way BSC
side can see quickly something is wrong with what it is sending.
Furthermore, this way the logic of the function is simplified: If auth
goes well, conn is alive. If auth goes wrong, conn is closed.
Change-Id: I972961b8967076c56c607f98c2360054144951e4
-rw-r--r-- | openbsc/src/osmo-bsc_nat/bsc_nat.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/openbsc/src/osmo-bsc_nat/bsc_nat.c b/openbsc/src/osmo-bsc_nat/bsc_nat.c index 373ba97a9..fb2ec8347 100644 --- a/openbsc/src/osmo-bsc_nat/bsc_nat.c +++ b/openbsc/src/osmo-bsc_nat/bsc_nat.c @@ -1038,12 +1038,14 @@ static void ipaccess_auth_bsc(struct tlv_parsed *tvp, struct bsc_connection *bsc if (len <= 0) { LOGP(DNAT, LOGL_ERROR, "Token with length zero on fd: %d\n", bsc->write_queue.bfd.fd); + bsc_close_connection(bsc); return; } if (token[len - 1] != '\0') { LOGP(DNAT, LOGL_ERROR, "Token not null terminated on fd: %d\n", bsc->write_queue.bfd.fd); + bsc_close_connection(bsc); return; } |