From f8b73f06827b00cc9b49a0edc5e550e22ffce474 Mon Sep 17 00:00:00 2001
From: Vadim Yanitskiy <vyanitskiy@sysmocom.de>
Date: Wed, 5 Jul 2023 01:06:20 +0700
Subject: gsup_server: fix msgb memleak in osmo_gsup_server_read_cb()

I noticed that inability to send IPA PONG in response to IPA PING
from osmo-{msc,sgsn} results in an "IPA Multiplex" chunk being leaked.

No matter what's returned from ipa_server_conn_ccm(), we need to free
the msgb containing the incoming IPA message.

Change-Id: I5c5acbffc2913f78db4894ae3633b5eca9c2e8d6
---
 src/gsup_server.c | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/src/gsup_server.c b/src/gsup_server.c
index 097a854..91110eb 100644
--- a/src/gsup_server.c
+++ b/src/gsup_server.c
@@ -179,11 +179,9 @@ static int osmo_gsup_server_read_cb(struct ipa_server_conn *conn,
 
 	if (hh->proto == IPAC_PROTO_IPACCESS) {
 		rc = ipa_server_conn_ccm(conn, msg);
-		if (rc < 0) {
-			/* conn is already invalid here! */
-			return -1;
-		}
 		msgb_free(msg);
+		if (rc < 0) /* conn is already invalid here! */
+			return -1;
 		return 0;
 	}
 
-- 
cgit v1.2.3