cellular-infrastructure
/
osmo-bts
mirror of https://gerrit.osmocom.org/osmo-bts
9
0
Fork 0
Code Issues Releases Wiki Activity
osmo-bts/src/osmo-bts-oc2g
History
Vadim Yanitskiy e464ef6524 osmo-bts-{sysmo,lc15,oc2g}: fix segfault in ph_tch_req() 
ph_tch_req() is a recursive function and conditionally calls itself at
the very bottom.  The recursive call happens iff all of the following
conditions are met:

* DTXd is enabled,
* AMR codec is in use,
* DTX DL AMR FSM state is recursive.

The problem is that ph_tch_req() may pull sizeof(*lsap) from the given
msgb twice: during the initial and the recursive calls.  The second
attempt to pull sizeof(*lsap) causes the process to abort, because
the remaining room is less than it's attempting to pull.

AFAICT, doing msgb_pull() is not really necessary, given that
l1sap_tch_rts_ind() thankfully does set msg->l2h before pushing
the lsap header in front of the actual frame.

Update osmo-bts-sysmo and its copy-pasted siblings, which are likely
affected too, except osmo-bts-octphy which does not do the recursion.

Change-Id: Ib349b74a9e4bd48c902286f872d3b0e9a068256c
Related: OS#5925
 		2023-03-24 18:24:01 +00:00
..
misc osmo-bts: Transition to use of 'telnet_init_default' 2023-01-02 23:08:32 +00:00
Makefile.am oc2g: Makefile.am Fix typo in LIBOSMONETIF_LIBS 2022-09-12 17:35:01 +02:00
calib_file.c Fix common misspellings and typos 2019-10-17 08:05:35 +00:00
hw_info.ver_major Add OC-2G BTS sources 2018-10-27 11:35:58 +00:00
hw_misc.c Add OC-2G BTS sources 2018-10-27 11:35:58 +00:00
hw_misc.h Add OC-2G BTS sources 2018-10-27 11:35:58 +00:00
l1_if.c osmo-bts-{sysmo,lc15,oc2g}: fix segfault in ph_tch_req() 2023-03-24 18:24:01 +00:00
l1_if.h Constify the 'trx' argument of trx_get_hlayer1() everywhere 2020-08-03 02:08:14 +07:00
l1_transp.h Add OC-2G BTS sources 2018-10-27 11:35:58 +00:00
l1_transp_hw.c Use osmo_fd_*_{disable,enable} 2021-02-03 10:41:16 +01:00
main.c src/common/bts.c: set BTS_FEAT_PAGING_COORDINATION 2022-04-25 11:27:54 +02:00
oc2gbts.c Add OC-2G BTS sources 2018-10-27 11:35:58 +00:00
oc2gbts.h fix compilation with gcc-10 2020-04-20 20:09:24 +02:00
oc2gbts_vty.c lc15, oc2g, sysmo: fix show dsp-trace-flags 2021-09-30 19:30:00 +00:00
oml.c Move lchan_init_lapdm inside lchan_set_state(LCHAN_S_ACTIVE) 2021-10-14 17:48:31 +02:00
tch.c osmo-bts-sysmo: merge measurement data and payload 2020-02-17 12:40:07 +01:00
utils.c Fix deprecated gsm_arfcn2band(), use gsm_arfcn2band_rc() 2018-11-22 15:30:46 +07:00
utils.h Add OC-2G BTS sources 2018-10-27 11:35:58 +00:00