From db4839c267cf5a133e92d93d6d12ef7513b23e62 Mon Sep 17 00:00:00 2001
From: Vadim Yanitskiy <axilirator@gmail.com>
Date: Sun, 1 Dec 2019 18:52:58 +0700
Subject: libmsc: fix potential NULL-pointer dereferences detected by GCC's LTO

Change-Id: Ib7ba8909dce64d1b8ff3a53495fe3eefc446ed8e
---
 src/libmsc/msc_ho.c  | 5 ++++-
 src/libmsc/msc_vty.c | 5 +++++
 2 files changed, 9 insertions(+), 1 deletion(-)

diff --git a/src/libmsc/msc_ho.c b/src/libmsc/msc_ho.c
index ac7602f01..aa513eb58 100644
--- a/src/libmsc/msc_ho.c
+++ b/src/libmsc/msc_ho.c
@@ -67,9 +67,12 @@ static __attribute__((constructor)) void msc_ho_fsm_init()
 
 void msc_ho_down_required_reject(struct msc_a *msc_a, enum gsm0808_cause cause)
 {
-	struct msc_i *msc_i = msc_a_msc_i(msc_a);
+	struct msc_i *msc_i;
 	uint32_t event;
 
+	msc_i = msc_a_msc_i(msc_a);
+	OSMO_ASSERT(msc_i);
+
 	struct ran_msg ran_enc_msg = {
 		.msg_type = RAN_MSG_HANDOVER_REQUIRED_REJECT,
 		.handover_required_reject = {
diff --git a/src/libmsc/msc_vty.c b/src/libmsc/msc_vty.c
index f833585e3..cd82a07a7 100644
--- a/src/libmsc/msc_vty.c
+++ b/src/libmsc/msc_vty.c
@@ -1148,6 +1148,11 @@ static int _send_sms_str(struct vlr_subscr *receiver,
 	struct gsm_sms *sms;
 
 	sms = sms_from_text(receiver, sender_msisdn, 0, str);
+	if (!sms) {
+		LOGP(DLSMS, LOGL_ERROR, "Failed to allocate SMS\n");
+		return CMD_WARNING;
+	}
+
 	sms->protocol_id = tp_pid;
 
 	/* store in database for the queue */
-- 
cgit v1.2.3