authorPascal Quantin <pascal.quantin@gmail.com>2013-07-03 12:01:12 +0000
committerPascal Quantin <pascal.quantin@gmail.com>2013-07-03 12:01:12 +0000
commitb00abd1c430de575b25320a3d4718c1c330869d0 (patch)
treeeafdf0b102b553e1275ae3f4de6af54a8c19998e /epan/dissectors/packet-rrc.c
parentb91b990a77b22c97e982d33261037a0cfbe8af07 (diff)
Check actx->private_data validity before using it
svn path=/trunk/; revision=50339
Diffstat (limited to 'epan/dissectors/packet-rrc.c')
-rw-r--r--epan/dissectors/packet-rrc.c124
1 files changed, 65 insertions, 59 deletions
diff --git a/epan/dissectors/packet-rrc.c b/epan/dissectors/packet-rrc.c
index 0e0744178c..1c23d801ae 100644
--- a/epan/dissectors/packet-rrc.c
+++ b/epan/dissectors/packet-rrc.c
@@ -16366,7 +16366,7 @@ dissect_rrc_ActivationTime(tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _
static int
dissect_rrc_RB_Identity(tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
-#line 873 "../../asn1/rrc/rrc.cnf"
+#line 879 "../../asn1/rrc/rrc.cnf"
offset = dissect_per_constrained_integer(tvb, offset, actx, tree, hf_index,
1U, 32U, &rbid, FALSE);
@@ -16383,7 +16383,7 @@ dissect_rrc_RB_Identity(tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_,
static int
dissect_rrc_RLC_SequenceNumber(tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
-#line 879 "../../asn1/rrc/rrc.cnf"
+#line 885 "../../asn1/rrc/rrc.cnf"
offset = dissect_per_constrained_integer(tvb, offset, actx, tree, hf_index,
0U, 4095U, &activation_frame, FALSE);
@@ -16403,7 +16403,7 @@ static const per_sequence_t RB_ActivationTimeInfo_sequence[] = {
static int
dissect_rrc_RB_ActivationTimeInfo(tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
-#line 851 "../../asn1/rrc/rrc.cnf"
+#line 857 "../../asn1/rrc/rrc.cnf"
fp_info *fpinf;
rrc_ciphering_info * c_inf;
@@ -16565,24 +16565,27 @@ dissect_rrc_NAS_SystemInformationGSM_MAP(tvbuff_t *tvb _U_, int offset _U_, asn1
length = tvb_length(nas_sys_info_gsm_map_tvb);
if (length) {
- switch (GPOINTER_TO_UINT(actx->private_data)) {
- case RRC_NAS_SYS_INFO_CN_COMMON:
- item = proto_tree_add_text(tree, nas_sys_info_gsm_map_tvb, 0, length, "CN Common GSM-MAP NAS system information");
- subtree = proto_item_add_subtree(item, ett_rrc_cn_CommonGSM_MAP_NAS_SysInfo);
- de_cn_common_gsm_map_nas_sys_info(nas_sys_info_gsm_map_tvb, subtree, actx->pinfo, 0, length, NULL, 0);
- break;
- case RRC_NAS_SYS_INFO_CS:
- item = proto_tree_add_text(tree, nas_sys_info_gsm_map_tvb, 0, length, "CS domain specific system information");
- subtree = proto_item_add_subtree(item, ett_rrc_cn_CommonGSM_MAP_NAS_SysInfo);
- de_cs_domain_spec_sys_info(nas_sys_info_gsm_map_tvb, subtree, actx->pinfo, 0, length, NULL, 0);
- break;
- case RRC_NAS_SYS_INFO_PS:
- item = proto_tree_add_text(tree, nas_sys_info_gsm_map_tvb, 0, length, "PS domain specific system information");
- subtree = proto_item_add_subtree(item, ett_rrc_cn_CommonGSM_MAP_NAS_SysInfo);
- de_ps_domain_spec_sys_info(nas_sys_info_gsm_map_tvb, subtree, actx->pinfo, 0, length, NULL, 0);
- break;
- default:
- break;
+ if (actx->private_data) {
+ switch (GPOINTER_TO_UINT(actx->private_data)) {
+ case RRC_NAS_SYS_INFO_CN_COMMON:
+ item = proto_tree_add_text(tree, nas_sys_info_gsm_map_tvb, 0, length, "CN Common GSM-MAP NAS system information");
+ subtree = proto_item_add_subtree(item, ett_rrc_cn_CommonGSM_MAP_NAS_SysInfo);
+ de_cn_common_gsm_map_nas_sys_info(nas_sys_info_gsm_map_tvb, subtree, actx->pinfo, 0, length, NULL, 0);
+ break;
+ case RRC_NAS_SYS_INFO_CS:
+ item = proto_tree_add_text(tree, nas_sys_info_gsm_map_tvb, 0, length, "CS domain specific system information");
+ subtree = proto_item_add_subtree(item, ett_rrc_cn_CommonGSM_MAP_NAS_SysInfo);
+ de_cs_domain_spec_sys_info(nas_sys_info_gsm_map_tvb, subtree, actx->pinfo, 0, length, NULL, 0);
+ break;
+ case RRC_NAS_SYS_INFO_PS:
+ item = proto_tree_add_text(tree, nas_sys_info_gsm_map_tvb, 0, length, "PS domain specific system information");
+ subtree = proto_item_add_subtree(item, ett_rrc_cn_CommonGSM_MAP_NAS_SysInfo);
+ de_ps_domain_spec_sys_info(nas_sys_info_gsm_map_tvb, subtree, actx->pinfo, 0, length, NULL, 0);
+ break;
+ default:
+ break;
+ }
+ actx->private_data = NULL;
}
}
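Review bot: The new `if (actx->private_data)` guard treats NULL as "not set", but the slot holds a small integer packed with GUINT_TO_POINTER (see `actx->private_data = GUINT_TO_POINTER(RRC_NAS_SYS_INFO_CS);` in dissect_rrc_UE_SecurityInformation further down this diff). Any RRC_NAS_SYS_INFO_* constant whose value is 0 is therefore indistinguishable from unset, and its `case` can no longer be reached. The enum values are not visible on this page; if one of them is 0, start the enum at 1 or store a pointer to a small context struct instead of a bare integer. The same guard is added in dissect_rrc_START_Value and has the same exposure. The test also only rules out NULL, so a non-NULL value left in the slot by another user of the same asn1_ctx_t would be reinterpreted as a tag; a comment at the guard such as `/* private_data: RRC_NAS_SYS_INFO_* tag set by the enclosing SEQUENCE, consumed and cleared here */` would record the ownership rule. The function body starts and ends outside the hunk.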
@@ -20483,7 +20486,7 @@ dissect_rrc_T_r3(tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_
static int
dissect_rrc_H_RNTI(tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
-#line 784 "../../asn1/rrc/rrc.cnf"
+#line 787 "../../asn1/rrc/rrc.cnf"
tvbuff_t *hrnti_tvb;
struct rrc_info *rrcinf;
offset = dissect_per_bit_string(tvb, offset, actx, tree, hf_index,
@@ -20492,7 +20495,7 @@ dissect_rrc_H_RNTI(tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, prot
-#line 789 "../../asn1/rrc/rrc.cnf"
+#line 792 "../../asn1/rrc/rrc.cnf"
rrcinf = (struct rrc_info *)p_get_proto_data(actx->pinfo->fd, proto_rrc, 0);
if (!rrcinf) {
rrcinf = se_new0(struct rrc_info);
@@ -41316,7 +41319,7 @@ dissect_rrc_RLC_Info_r5(tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_,
static int
dissect_rrc_MAC_d_FlowIdentity(tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
-#line 781 "../../asn1/rrc/rrc.cnf"
+#line 784 "../../asn1/rrc/rrc.cnf"
offset = dissect_per_constrained_integer(tvb, offset, actx, tree, hf_index,
0U, 7U, &flowd, FALSE);
@@ -41364,7 +41367,7 @@ static const per_choice_t DL_TransportChannelType_r5_choice[] = {
static int
dissect_rrc_DL_TransportChannelType_r5(tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
-#line 710 "../../asn1/rrc/rrc.cnf"
+#line 713 "../../asn1/rrc/rrc.cnf"
gint *flowd_p;
gint *cur_val=NULL;
@@ -44838,7 +44841,7 @@ static const per_choice_t DL_TransportChannelType_r7_choice[] = {
static int
dissect_rrc_DL_TransportChannelType_r7(tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
-#line 745 "../../asn1/rrc/rrc.cnf"
+#line 748 "../../asn1/rrc/rrc.cnf"
gint *flowd_p;
gint *cur_val=NULL;
@@ -87452,7 +87455,7 @@ static const per_choice_t DL_DCCH_MessageType_choice[] = {
static int
dissect_rrc_DL_DCCH_MessageType(tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
-#line 883 "../../asn1/rrc/rrc.cnf"
+#line 889 "../../asn1/rrc/rrc.cnf"
offset = dissect_per_choice(tvb, offset, actx, tree, hf_index,
ett_rrc_DL_DCCH_MessageType, DL_DCCH_MessageType_choice,
&msg_type);
@@ -87472,7 +87475,7 @@ static const per_sequence_t DL_DCCH_Message_sequence[] = {
static int
dissect_rrc_DL_DCCH_Message(tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
-#line 886 "../../asn1/rrc/rrc.cnf"
+#line 892 "../../asn1/rrc/rrc.cnf"
offset = dissect_per_sequence(tvb, offset, actx, tree, hf_index,
ett_rrc_DL_DCCH_Message, DL_DCCH_Message_sequence);
@@ -87486,7 +87489,7 @@ dissect_rrc_DL_DCCH_Message(tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx
static int
dissect_rrc_START_Value(tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
-#line 797 "../../asn1/rrc/rrc.cnf"
+#line 800 "../../asn1/rrc/rrc.cnf"
tvbuff_t * start_val;
fp_info *fpinf;
rrc_ciphering_info * c_inf;
@@ -87505,23 +87508,24 @@ dissect_rrc_START_Value(tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_,
return offset;
}
/*Retrieve the start value for the two ciphering domains*/
- switch(GPOINTER_TO_UINT(actx->private_data)){
- case RRC_NAS_SYS_INFO_CS:
- /*
- g_warning("Not implemented");
- */
- break;
- case RRC_NAS_SYS_INFO_PS:
-
- /*Find the entry for the communication context (taken from FP)*/
- if( (c_inf =(rrc_ciphering_info *)g_tree_lookup(rrc_ciph_inf, GINT_TO_POINTER(fpinf->com_context_id))) == NULL ){
- c_inf = g_new0(rrc_ciphering_info,1);
-
- /*Initiate tree with START_PS values.*/
- if(!c_inf->start_ps)
- c_inf->start_ps = g_tree_new_full(rrc_key_cmp,
- NULL,rrc_free_key,rrc_free_value);
-
+ if (actx->private_data) {
+ switch(GPOINTER_TO_UINT(actx->private_data)){
+ case RRC_NAS_SYS_INFO_CS:
+ /*
+ g_warning("Not implemented");
+ */
+ break;
+ case RRC_NAS_SYS_INFO_PS:
+
+ /*Find the entry for the communication context (taken from FP)*/
+ if( (c_inf =(rrc_ciphering_info *)g_tree_lookup(rrc_ciph_inf, GINT_TO_POINTER(fpinf->com_context_id))) == NULL ){
+ c_inf = g_new0(rrc_ciphering_info,1);
+
+ /*Initiate tree with START_PS values.*/
+ if(!c_inf->start_ps)
+ c_inf->start_ps = g_tree_new_full(rrc_key_cmp,
+ NULL,rrc_free_key,rrc_free_value);
+
/*Clear and initialize seq_no matrix*/
for(i = 0; i< 31; i++){
c_inf->seq_no[i][0] = -1;
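Review bot: In the RRC_NAS_SYS_INFO_PS branch, `if(!c_inf->start_ps)` directly follows `c_inf = g_new0(rrc_ciphering_info,1);`, so the test is always true and hides the fact that a new entry always gets a fresh tree. Dropping the test and assigning `c_inf->start_ps = g_tree_new_full(rrc_key_cmp, NULL, rrc_free_key, rrc_free_value);` unconditionally says what the code does. The entry is heap-allocated with g_new0 and keyed by `fpinf->com_context_id`, a value taken from capture data, so its lifetime depends on rrc_ciph_inf being torn down elsewhere; that teardown is not visible here and deserves a comment at the allocation. The function body continues outside the hunk.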
@@ -87529,18 +87533,20 @@ dissect_rrc_START_Value(tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_,
}
g_tree_insert(rrc_ciph_inf, GINT_TO_POINTER(fpinf->com_context_id), c_inf);
}
-
+
/*Retrieve and store the value*/
start = g_new(guint32,1);
- *start = tvb_get_bits32(start_val,0,20,ENC_BIG_ENDIAN);
- if(c_inf && c_inf->start_ps)
- /*Insert the value based on current frame num since this might vary over time*/
- g_tree_insert(c_inf->start_ps, GUINT_TO_POINTER(actx->pinfo->fd->num), start);
-
- break;
- default:
- break;
- }
+ *start = tvb_get_bits32(start_val,0,20,ENC_BIG_ENDIAN);
+ if(c_inf && c_inf->start_ps)
+ /*Insert the value based on current frame num since this might vary over time*/
+ g_tree_insert(c_inf->start_ps, GUINT_TO_POINTER(actx->pinfo->fd->num), start);
+
+ break;
+ default:
+ break;
+ }
+ actx->private_data = NULL;
+ }
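Review bot: `start = g_new(guint32,1);` is allocated unconditionally, but ownership passes to the tree only when `c_inf && c_inf->start_ps` holds, so on the other path the allocation leaks once per dissected START value. As far as the visible lines show, `c_inf` cannot be NULL after the lookup-or-create above, so the live condition is whether an entry returned by g_tree_lookup has a `start_ps` tree. Move the `g_new` and the `tvb_get_bits32` read inside the condition, or add `else g_free(start);`. The `if` is unbraced with a comment between it and its statement, and braces would make the guarded statement unambiguous. `#line` directives elsewhere in this file point at rrc.cnf, so the change probably belongs in that template rather than in the generated output; the diffstat here is limited to this file, so that cannot be confirmed from the page.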
@@ -114178,7 +114184,7 @@ static const per_choice_t HandoverToUTRANCommand_choice[] = {
static int
dissect_rrc_HandoverToUTRANCommand(tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
-#line 889 "../../asn1/rrc/rrc.cnf"
+#line 895 "../../asn1/rrc/rrc.cnf"
offset = dissect_per_choice(tvb, offset, actx, tree, hf_index,
ett_rrc_HandoverToUTRANCommand, HandoverToUTRANCommand_choice,
NULL);
@@ -114319,7 +114325,7 @@ static const per_sequence_t UE_SecurityInformation_sequence[] = {
static int
dissect_rrc_UE_SecurityInformation(tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
-#line 892 "../../asn1/rrc/rrc.cnf"
+#line 898 "../../asn1/rrc/rrc.cnf"
actx->private_data = GUINT_TO_POINTER(RRC_NAS_SYS_INFO_CS);
offset = dissect_per_sequence(tvb, offset, actx, tree, hf_index,
ett_rrc_UE_SecurityInformation, UE_SecurityInformation_sequence);
@@ -114722,7 +114728,7 @@ static const per_sequence_t UE_SecurityInformation2_sequence[] = {
static int
dissect_rrc_UE_SecurityInformation2(tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
-#line 896 "../../asn1/rrc/rrc.cnf"
+#line 902 "../../asn1/rrc/rrc.cnf"
actx->private_data = GUINT_TO_POINTER(RRC_NAS_SYS_INFO_PS);
offset = dissect_per_sequence(tvb, offset, actx, tree, hf_index,
ett_rrc_UE_SecurityInformation2, UE_SecurityInformation2_sequence);