From 143a274051338c1ae04981d5493818ccbb28841c Mon Sep 17 00:00:00 2001 From: Philipp Date: Fri, 25 Nov 2016 15:23:50 +0100 Subject: sndcp: fixup for coverity scan defect CID 149097 Coverity scan detects a Null pointer deref (FORWARD_NULL) in gprs_sndcp_comp.c: 67 in gprs_sndcp_comp_create(). The reason for this is that gprs_sndcp_dcomp_init() and also gprs_sndcp_pcomp_init() rely on the comp_entity->algo algo flag. If the program logic is correct a null pointer deref should never occur. This commit adds OSMO_ASSERT() statements to ensure a null pointer deref is catched if if the ...comp_init() functions are used with incorrect parameters. Change-Id: I7748f06d1739a697edad5100a031e5aa1ef11ed1 --- openbsc/src/gprs/gprs_sndcp_dcomp.c | 1 + openbsc/src/gprs/gprs_sndcp_pcomp.c | 1 + 2 files changed, 2 insertions(+) (limited to 'openbsc/src/gprs') diff --git a/openbsc/src/gprs/gprs_sndcp_dcomp.c b/openbsc/src/gprs/gprs_sndcp_dcomp.c index 489106b47..b0f95b486 100644 --- a/openbsc/src/gprs/gprs_sndcp_dcomp.c +++ b/openbsc/src/gprs/gprs_sndcp_dcomp.c @@ -84,6 +84,7 @@ int gprs_sndcp_dcomp_init(const void *ctx, struct gprs_sndcp_comp *comp_entity, if (comp_entity->compclass == SNDCP_XID_DATA_COMPRESSION && comp_entity->algo == V42BIS) { + OSMO_ASSERT(comp_field->v42bis_params); comp_entity->state = v42bis_init(ctx, NULL, comp_field->v42bis_params->p0, comp_field->v42bis_params->p1, diff --git a/openbsc/src/gprs/gprs_sndcp_pcomp.c b/openbsc/src/gprs/gprs_sndcp_pcomp.c index 493b26399..a2236c3b1 100644 --- a/openbsc/src/gprs/gprs_sndcp_pcomp.c +++ b/openbsc/src/gprs/gprs_sndcp_pcomp.c @@ -54,6 +54,7 @@ int gprs_sndcp_pcomp_init(const void *ctx, struct gprs_sndcp_comp *comp_entity, if (comp_entity->compclass == SNDCP_XID_PROTOCOL_COMPRESSION && comp_entity->algo == RFC_1144) { + OSMO_ASSERT(comp_field->rfc1144_params); comp_entity->state = slhc_init(ctx, comp_field->rfc1144_params->s01 + 1, comp_field->rfc1144_params->s01 + 1); -- cgit v1.2.3