From 881064e9b81de4aee7a9cdd52184860260f8723c Mon Sep 17 00:00:00 2001 From: Max Date: Wed, 14 Dec 2016 14:51:40 +0100 Subject: Prevent segfault in range encoding * Explicitly check when ARFCN array split is impossible and return gracefully instead of using negative index. * Separate range encoding into generic function and use it for all SI-related things. * Propagate the error into that function and to its callers. * Add separate test-case for the segfault previously triggered by this bug. Change-Id: I3e049ab2d7c1c4d6c791b148f37e10636a8e43e0 Related: RT#7379 --- openbsc/tests/gsm0408/gsm0408_test.c | 16 ++++++++++++++++ openbsc/tests/gsm0408/gsm0408_test.ok | 4 ++++ 2 files changed, 20 insertions(+) (limited to 'openbsc/tests/gsm0408') diff --git a/openbsc/tests/gsm0408/gsm0408_test.c b/openbsc/tests/gsm0408/gsm0408_test.c index ae8cbdd0f..472c2aeef 100644 --- a/openbsc/tests/gsm0408/gsm0408_test.c +++ b/openbsc/tests/gsm0408/gsm0408_test.c @@ -120,6 +120,21 @@ static inline void _bts_uarfcn_add(struct gsm_bts *bts, uint16_t arfcn, gen(bts); } +static inline void test_si2q_segfault(void) +{ + struct gsm_bts *bts; + struct gsm_network *network = bsc_network_init(tall_bsc_ctx, 1, 1, NULL); + printf("Test SI2quater UARFCN (same scrambling code and diversity):\n"); + + if (!network) + exit(1); + bts = gsm_bts_alloc(network); + + _bts_uarfcn_add(bts, 10564, 319, 0); + _bts_uarfcn_add(bts, 10612, 319, 0); + gen(bts); +} + static inline void test_si2q_u(void) { struct gsm_bts *bts; @@ -590,6 +605,7 @@ int main(int argc, char **argv) test_range_encoding(); test_gsm411_rp_ref_wrap(); + test_si2q_segfault(); test_si2q_e(); test_si2q_u(); printf("Done.\n"); diff --git a/openbsc/tests/gsm0408/gsm0408_test.ok b/openbsc/tests/gsm0408/gsm0408_test.ok index ebe94762e..1118dd940 100644 --- a/openbsc/tests/gsm0408/gsm0408_test.ok +++ b/openbsc/tests/gsm0408/gsm0408_test.ok @@ -62,6 +62,10 @@ testing RP-Reference wrap Allocated reference: 255 Allocated reference: 0 Allocated reference: 1 +Test SI2quater UARFCN (same scrambling code and diversity): +generated valid SI2quater: [23] 59 06 07 c0 00 25 52 88 0a 7e 10 99 64 00 0b 2b 2b 2b 2b 2b 2b 2b 2b +failed to generate SI2quater: Invalid argument +failed to generate SI2quater: Invalid argument Testing SYSINFO_TYPE_2quater EARFCN generation: generated invalid SI2quater: [23] 59 06 07 c0 00 04 86 59 0a 03 2b 2b 2b 2b 2b 2b 2b 2b 2b 2b 2b 2b 2b added EARFCN 1917 - generated valid SI2quater: [23] 59 06 07 c0 00 04 86 59 83 be c8 50 0b 2b 2b 2b 2b 2b 2b 2b 2b 2b 2b -- cgit v1.2.3