lu crash: Fix a crash that likely occurred during the LU procedure
conn->loc_operation is already NULL (e.g. due a five second timeout but we are still processing a RSL message after we initiated the release procedure). Do not attempt to authorize a subcriber without knowing the key_sequence. This can cause more problems but we will need to test this in the field. (gdb) bt #0 gsm0408_authorize (conn=0x19fc2f0, msg=<optimized out>) at gsm_04_08.c:323 #1 gsm0408_authorize (conn=0x19fc2f0, msg=<optimized out>) at gsm_04_08.c:319 #2 0x000000000043a99a in mm_rx_id_resp (conn=0x19fc2f0, msg=<optimized out>) at gsm_04_08.c:495 #3 gsm0408_rcv_mm (msg=<optimized out>, conn=0x19fc2f0) at gsm_04_08.c:1041 #4 gsm0408_dispatch (conn=0x19fc2f0, msg=<optimized out>) at gsm_04_08.c:3232 (gdb) p *conn $5 = {entry = {next = 0x1746930, prev = 0x1a14270}, subscr = 0x1745eb0, expire_timer_stopped = 1 '\001', loc_operation = 0x0, sec_operation = 0x0, anch_operation = 0x0, silent_call = 0, put_channel = 0, sccp_con = 0x0, in_release = 0, lchan = 0x7f8c79007218, ho_lchan = 0x0, bts = 0x1719f90, T10 = {node = { rb_parent_color = 0, rb_right = 0x0, rb_left = 0x0}, list = {next = 0x0, prev = 0x0}, timeout = {tv_sec = 0, tv_usec = 0}, active = 0, cb = 0, data = 0x0}, secondary_lchan = 0x0}
This commit is contained in:
parent
2147bc4cc9
commit
1a345ca48f
|
@ -318,6 +318,9 @@ static int _gsm0408_authorize_sec_cb(unsigned int hooknum, unsigned int event,
|
|||
|
||||
static int gsm0408_authorize(struct gsm_subscriber_connection *conn, struct msgb *msg)
|
||||
{
|
||||
if (!conn->loc_operation)
|
||||
return 0;
|
||||
|
||||
if (authorize_subscriber(conn->loc_operation, conn->subscr))
|
||||
return gsm48_secure_channel(conn,
|
||||
conn->loc_operation->key_seq,
|
||||
|
|
Loading…
Reference in New Issue