diff options
author | Philipp Maier <pmaier@sysmocom.de> | 2017-04-20 18:40:37 +0200 |
---|---|---|
committer | Neels Hofmeyr <nhofmeyr@sysmocom.de> | 2017-06-18 17:50:08 +0200 |
commit | e3aca93630e7a4572bd0459115b25348e1840c0e (patch) | |
tree | b4758b1165e0cdd85931269f1eb771948a7f3974 /openbsc/src | |
parent | 0923fc6707ea35776ad8c37a6d490ac3408dd274 (diff) |
libmsc: make pitfall in gsm0408_dispatch() more obvious
The function gsm0408_dispatch() accepts a message buffer pointer
and accesses the l3h pointer. Even in a properly allocated
message buffer, this may lead into a segfault if the user forgets
to set the l3h pointer. This commit adds assertions to popup a
more expressive error message.
Diffstat (limited to 'openbsc/src')
-rw-r--r-- | openbsc/src/libmsc/gsm_04_08.c | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/openbsc/src/libmsc/gsm_04_08.c b/openbsc/src/libmsc/gsm_04_08.c index 219e89692..a380b033e 100644 --- a/openbsc/src/libmsc/gsm_04_08.c +++ b/openbsc/src/libmsc/gsm_04_08.c @@ -3582,13 +3582,17 @@ void cm_service_request_concludes(struct gsm_subscriber_connection *conn, /* Main entry point for GSM 04.08/44.008 Layer 3 data (e.g. from the BSC). */ int gsm0408_dispatch(struct gsm_subscriber_connection *conn, struct msgb *msg) { - struct gsm48_hdr *gh = msgb_l3(msg); - uint8_t pdisc = gsm48_hdr_pdisc(gh); + struct gsm48_hdr *gh; + uint8_t pdisc; int rc = 0; + OSMO_ASSERT(msg->l3h) OSMO_ASSERT(conn); OSMO_ASSERT(msg); + gh = msgb_l3(msg); + pdisc = gsm48_hdr_pdisc(gh); + LOGP(DRLL, LOGL_DEBUG, "Dispatching 04.08 message %s (0x%x:0x%x)\n", gsm48_pdisc_msgtype_name(pdisc, gsm48_hdr_msg_type(gh)), pdisc, gsm48_hdr_msg_type(gh)); |