* Fix null ptr dereference and sms memleak in case the recipient of an sms sent via vty is not attached. Store the sms in the database in this case for later delivery.

The problem is that sms_from_text returns NULL in case the
subscriber is not attached which a) leaks memory of the
previously allocated sms and b) runs into a null ptr
dereference in _send_sms_str().

There may be a better solution than this but this is the
easiest way of noticing and taking action I could find
without changing return values of sms_from_text.

1 files changed, 10 insertions, 6 deletions

diff --git a/openbsc/src/vty_interface_layer3.c b/openbsc/src/vty_interface_layer3.c
index 9a2c5face..102b49655 100644
--- a/openbsc/src/vty_interface_layer3.c
+++ b/openbsc/src/vty_interface_layer3.c
@@ -166,11 +166,6 @@ struct gsm_sms *sms_from_text(struct gsm_subscriber *receiver, const char *text)
 	if (!sms)
 		return NULL;
 
-	if (!receiver->lac) {
-		/* subscriber currently not attached, store in database? */
-		return NULL;
-	}
-
 	sms->receiver = subscr_get(receiver);
 	strncpy(sms->text, text, sizeof(sms->text)-1);
 
@@ -195,7 +190,16 @@ static int _send_sms_str(struct gsm_subscriber *receiver, char *str,
 
 	sms = sms_from_text(receiver, str);
 	sms->protocol_id = tp_pid;
-	gsm411_send_sms_subscr(receiver, sms);
+
+	if(!receiver->lac){
+		/* subscriber currently not attached, store in database */
+		if (db_sms_store(sms) != 0) {
+			LOGP(DSMS, LOGL_ERROR, "Failed to store SMS in Database\n");
+			return CMD_WARNING;
+		}
+	} else {
+		gsm411_send_sms_subscr(receiver, sms);
+	}
 
 	return CMD_SUCCESS;
 }