aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPau Espin Pedrol <pespin@sysmocom.de>2019-09-06 21:34:31 +0200
committerPau Espin Pedrol <pespin@sysmocom.de>2019-09-06 21:34:31 +0200
commitd7276bde55c8e7fff64fdec5de07f47ad1ac01cb (patch)
tree370e1fde544d447a8f6d111167c5aa332bc6aea8
parent35f0e664bf2a1c98ebd065f4d4483e542c4c7861 (diff)
sgsn: Reject PdpActReq if no GTP pdp ctx exists
It could happen that SGSN drops GTP side of a pdp ctx (pdp->lib=NULL) while still maintaing the other side (to notify about the entire pdp ctx being torn down). If a PdpActReq arrives during that time, we need to account for that situation, otherwise osmo-sgsn crashes accessing pdp->lib. If no pdp->lib is found at that time, let's reject the request and expect at some point later in time the entire pdp context will be destroyed and reestablished. Related: OS#4173 Change-Id: I6dd87557ebb26fdbd280504abde10d976acecf64
-rw-r--r--src/sgsn/gprs_sm.c5
1 files changed, 5 insertions, 0 deletions
diff --git a/src/sgsn/gprs_sm.c b/src/sgsn/gprs_sm.c
index 8cf5c5d88..f8019ab6a 100644
--- a/src/sgsn/gprs_sm.c
+++ b/src/sgsn/gprs_sm.c
@@ -491,6 +491,11 @@ static int do_act_pdp_req(struct sgsn_mm_ctx *mmctx, struct msgb *msg, bool *del
/* Check if NSAPI is already in use */
pdp = sgsn_pdp_ctx_by_nsapi(mmctx, act_req->req_nsapi);
if (pdp) {
+ /* Make sure pdp ctx was not already torn down on GTP side */
+ if (!pdp->lib) {
+ gsm_cause = GSM_CAUSE_REACT_RQD;
+ goto no_context;
+ }
/* We already have a PDP context for this TLLI + NSAPI tuple */
if (pdp->sapi == act_req->req_llc_sapi &&
pdp->ti == transaction_id) {