author | Neels Hofmeyr <neels@hofmeyr.de> | 2017-12-20 00:41:27 +0100 |
---|---|---|
committer | Neels Hofmeyr <neels@hofmeyr.de> | 2017-12-20 00:41:29 +0100 |
commit | aa7af4d02914938c579c0ea5da0f3684d9072bde (patch) | |
tree | 52377968dd2e306609b630c862b6c1c01af83103 | |
parent | e882482db5b211174bfac94284741cc35f8b9b0d (diff) |
gprs_gmm: segfault: gracefully handle failure to alloc context
This counter allocation error I hit uncovers a segfault when allocating an MM
context fails in the GSM_MI_TYPE_TMSI case:
DRANAP <001a> ../../../src/osmo-iuh/src/iu_client.c:509 handle_co_initial(dir=1, proc=19)
DRANAP <001a> ../../../src/osmo-iuh/src/iu_client.c:229 RNC 23: new LAC 24358 RAC 22
DMM <0002> ../../../../src/osmo-sgsn/src/gprs/gprs_gmm.c:1271 MM(---/ffffffff) -> GMM ATTACH REQUEST MI(3427325924) type="GPRS attach"
DLGLOBAL <001d> ../../../src/libosmocore/src/rate_ctr.c:195 counter group 'sgsn:mmctx' already exists for index 0
DMM <0002> ../../../../src/osmo-sgsn/src/gprs/gprs_sgsn.c:272 MM(/00000000) Cannot allocate counter group
Program received signal SIGSEGV, Segmentation fault.
gsm48_rx_gmm_att_req (llme=0x0, msg=0x555555886950, ctx=0x0) at ../../../../src/osmo-sgsn/src/gprs/gprs_gmm.c:1375
1375 ctx->p_tmsi = tmsi;
Fix it with a bit of code already present for the GSM_MI_TYPE_IMSI case just
above the segfault.
Change-Id: I49aa95b610f2faec52dede2e4816da47ca1dfb14
-rw-r--r-- | src/gprs/gprs_gmm.c | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/src/gprs/gprs_gmm.c b/src/gprs/gprs_gmm.c index 147e0017b..8441f6b68 100644 --- a/src/gprs/gprs_gmm.c +++ b/src/gprs/gprs_gmm.c @@ -1372,6 +1372,10 @@ static int gsm48_rx_gmm_att_req(struct sgsn_mm_ctx *ctx, struct msgb *msg, ctx = sgsn_mm_ctx_alloc_iu(msg->dst); else ctx = sgsn_mm_ctx_alloc_gb(msgb_tlli(msg), &ra_id); + if (!ctx) { + reject_cause = GMM_CAUSE_NET_FAIL; + goto rejected; + } ctx->p_tmsi = tmsi; } if (ctx->ran_type == MM_CTX_T_GERAN_Gb) { |
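Review bot: the new `if (!ctx)` branch after the `sgsn_mm_ctx_alloc_iu()` / `sgsn_mm_ctx_alloc_gb()` calls jumps to `rejected` with `ctx` still NULL, and the trace in the commit message shows `llme=0x0` as well, so please confirm that the code under the `rejected:` label (not visible in this hunk) does not dereference either pointer. Since the commit message says the same check already exists for the GSM_MI_TYPE_IMSI case just above, a single check shared by both cases would avoid duplicating these four lines. The log also shows the underlying trigger, "counter group 'sgsn:mmctx' already exists for index 0", which this change does not address; a sentence in the message saying whether that is tracked separately would help.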