author | Harald Welte <laforge@gnumonks.org> | 2010-07-01 19:56:19 +0200 |
---|---|---|
committer | Harald Welte <laforge@gnumonks.org> | 2010-07-01 19:56:19 +0200 |
commit | 8911cef81db03c6d3b3f6b7361a56538f8b2dd5c (patch) | |
tree | 567406255b89d3b18f0f62f77f58e629e84c5220 /openbsc/src/gprs/gprs_sndcp.c | |
parent | 951a12cf4e6ab74d96466de5462265070b345291 (diff) |
[SGSN] Fix segfault when passing re-assembled SN-PDU to GMM
sgsn_rx_sndcp_ud_ind() can no longer make the assumption that msgb_bcid() is
valid, as this is only true for an un-fragmented SN-PDU. So instead,
we now store the RAID in the SNDCP Entity and pass it as an explicit
argument to sgsn_rx_sndcp_ud_ind().
Diffstat (limited to 'openbsc/src/gprs/gprs_sndcp.c')
-rw-r--r-- | openbsc/src/gprs/gprs_sndcp.c | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/openbsc/src/gprs/gprs_sndcp.c b/openbsc/src/gprs/gprs_sndcp.c
index b352aeb9b..6e2d31421 100644
--- a/openbsc/src/gprs/gprs_sndcp.c
+++ b/openbsc/src/gprs/gprs_sndcp.c
@@ -170,8 +170,8 @@ static int defrag_segments(struct gprs_sndcp_entity *sne)
 /* actually send the N-PDU to the SGSN core code, which then
 * hands it off to the correct GTP tunnel + GGSN via gtp_data_req() */
- return sgsn_rx_sndcp_ud_ind(sne->lle->llme->tlli, sne->nsapi, msg,
- sne->defrag.tot_len, npdu);
+ return sgsn_rx_sndcp_ud_ind(&sne->ra_id, sne->lle->llme->tlli,
+ sne->nsapi, msg, sne->defrag.tot_len, npdu);
 }
 static int defrag_input(struct gprs_sndcp_entity *sne, struct msgb *msg, uint8_t *hdr)
@@ -517,6 +517,8 @@ int sndcp_llunitdata_ind(struct msgb *msg, struct gprs_llc_lle *lle, uint8_t *hd
 lle->llme->tlli, lle->sapi, sch->nsapi);
 return -EIO;
 }
+ /* FIXME: move this RA_ID up to the LLME or even higher */
+ bssgp_parse_cell_id(&sne->ra_id, msgb_bcid(msg));
 if (!sch->first || sch->more) {
 #if 0
@@ -542,7 +544,7 @@ int sndcp_llunitdata_ind(struct msgb *msg, struct gprs_llc_lle *lle, uint8_t *hd
 }
 /* actually send the N-PDU to the SGSN core code, which then
 * hands it off to the correct GTP tunnel + GGSN via gtp_data_req() */
- return sgsn_rx_sndcp_ud_ind(lle->llme->tlli, sne->nsapi, msg, npdu_len, npdu);
+ return sgsn_rx_sndcp_ud_ind(&sne->ra_id, lle->llme->tlli, sne->nsapi, msg, npdu_len, npdu);
 }
 /* Section 5.1.2.1 LL-RESET.ind */ |
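Review bot: The call at the end of defrag_segments() still passes `msg` to sgsn_rx_sndcp_ud_ind(), and according to the commit description that msgb has no valid msgb_bcid() on this path. Nothing at the call site warns a later maintainer of the callee not to touch the BSSGP pointers of that msgb again. I would extend the existing comment above the call with `/* msg is the re-assembled PDU: msgb_bcid(msg) is not valid, use sne->ra_id */`. The call also relies on sne->ra_id having been filled in by sndcp_llunitdata_ind() before any segment is queued, which appears to hold from the second hunk but is not stated anywhere. The body of defrag_segments() starts outside this hunk.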
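Review bot: `bssgp_parse_cell_id(&sne->ra_id, msgb_bcid(msg));` in sndcp_llunitdata_ind() reads through msgb_bcid(msg) without checking that the pointer is set. This commit fixes a segfault caused by exactly that assumption one layer up. If any path can deliver a msgb here whose cell-id pointer was never filled in by BSSGP, the crash simply moves to this line; a guard such as `if (!msgb_bcid(msg)) return -EIO;` before the parse would make the precondition explicit. The stored RAID is also overwritten on every received segment, so a re-assembled PDU is forwarded with the routing area of whichever segment arrived last. That is probably intended, but it deserves a sentence next to the FIXME, since segments are radio-side input. The function starts and ends outside this hunk, so I cannot see whether the msgb is validated earlier.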