From 0127a0608dab959534ea8ba830e2570904f85edf Mon Sep 17 00:00:00 2001 From: Neels Hofmeyr Date: Fri, 10 Nov 2023 01:53:49 +0100 Subject: [PATCH] client: replace two assertions with graceful error handling A user reports crashes of osmo-bsc upon EV_MDCX. It turns out that there is a lot of error reporting and a distinct possibility to get a NULL return value because of external input. Terminate the FSM instead. FSM termination is the proper way to report a bad error, it signals the parent_term_evt to the FSM parent, which will then be able to act on the failed MGCP operation. Related: SYS#6632 Change-Id: Ia5d8a9aff565399a85a5b116d7029fedcab234e0 --- src/libosmo-mgcp-client/mgcp_client_fsm.c | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/src/libosmo-mgcp-client/mgcp_client_fsm.c b/src/libosmo-mgcp-client/mgcp_client_fsm.c index 660f0adde..432ad848c 100644 --- a/src/libosmo-mgcp-client/mgcp_client_fsm.c +++ b/src/libosmo-mgcp-client/mgcp_client_fsm.c @@ -364,13 +364,21 @@ static void fsm_ready_cb(struct osmo_fsm_inst *fi, uint32_t event, void *data) switch (event) { case EV_MDCX: msg = make_mdcx_msg(mgcp_ctx); - OSMO_ASSERT(msg); + if (!msg) { + /* make_mdcx_msg() should already have logged the error */ + osmo_fsm_inst_term(fi, OSMO_FSM_TERM_ERROR, NULL); + return; + } rc = mgcp_client_tx(mgcp, msg, mgw_mdcx_resp_cb, fi); new_state = ST_MDCX_RESP; break; case EV_DLCX: msg = make_dlcx_msg(mgcp_ctx); - OSMO_ASSERT(msg); + if (!msg) { + /* make_dlcx_msg() should already have logged the error */ + osmo_fsm_inst_term(fi, OSMO_FSM_TERM_ERROR, NULL); + return; + } rc = mgcp_client_tx(mgcp, msg, mgw_dlcx_resp_cb, fi); new_state = ST_DLCX_RESP; break;