cellular-infrastructure
/
osmo-bsc
mirror of https://gerrit.osmocom.org/osmo-bsc
9
0
Fork 0
Code Issues Releases Wiki Activity

gsm_08_08: fix NULL pointer dereference in bsc_cm_update() 

MS Classmark 3 is optional, and thus can be NULL.

Change-Id: I4f1455a3db4972ea9843564b590e405c51083b47
Fixes: I39ae439d05562b35b2e47774dc92f8789fea1a57
Fixes: CID#215593 "Explicit null dereferenced"
This commit is contained in:
Vadim Yanitskiy 2020-12-02 11:42:01 +01:00
parent 18aff1fc46
commit 8c03bf3f3c
1 changed files with 9 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
src/osmo-bsc/gsm_08_08.c
View File

@ -603,13 +603,15 @@ void bsc_cm_update(struct gsm_subscriber_connection *conn,
}
conn_update_ms_power_class(conn, rc8);
rc = gsm48_decode_classmark3(&conn->cm3, cm3, cm3_len);
if (rc < 0) {
LOGP(DMSC, LOGL_NOTICE, "Unable to decode classmark3 during CM Update.\n");
memset(&conn->cm3, 0, sizeof(conn->cm3));
conn->cm3_valid = false;
} else
conn->cm3_valid = true;
if (cm3 != NULL && cm3_len > 0) {
rc = gsm48_decode_classmark3(&conn->cm3, cm3, cm3_len);
if (rc < 0) {
LOGP(DMSC, LOGL_NOTICE, "Unable to decode classmark3 during CM Update.\n");
memset(&conn->cm3, 0, sizeof(conn->cm3));
conn->cm3_valid = false;
} else
conn->cm3_valid = true;
}
if (!msc_connected(conn))
return;