libmsc: make pitfall in gsm0408_dispatch() more obvious

The function gsm0408_dispatch() accepts a message buffer pointer
and accesses the l3h pointer. Even in a properly allocated
message buffer, this may lead to a segfault if the user forgets
to set the l3h pointer. This commit adds assertions to produce a
more expressive error message.

Change-Id: I43bd9bd1c170559aaa8dacaef25dba090744bcd5
Philipp Maier 2017-04-20 18:40:37 +02:00 committed by Harald Welte
parent bac227653a
commit 91f10c7289
1 changed files with 6 additions and 2 deletions


@ -3216,13 +3216,17 @@ void cm_service_request_concludes(struct gsm_subscriber_connection *conn,
/* Main entry point for GSM 04.08/44.008 Layer 3 data (e.g. from the BSC). */ /* Main entry point for GSM 04.08/44.008 Layer 3 data (e.g. from the BSC). */
int gsm0408_dispatch(struct gsm_subscriber_connection *conn, struct msgb *msg) int gsm0408_dispatch(struct gsm_subscriber_connection *conn, struct msgb *msg)
{ {
struct gsm48_hdr *gh = msgb_l3(msg); struct gsm48_hdr *gh;
uint8_t pdisc = gsm48_hdr_pdisc(gh); uint8_t pdisc;
int rc = 0; int rc = 0;
OSMO_ASSERT(msg->l3h)
OSMO_ASSERT(conn); OSMO_ASSERT(conn);
OSMO_ASSERT(msg); OSMO_ASSERT(msg);
gh = msgb_l3(msg);
pdisc = gsm48_hdr_pdisc(gh);
LOGP(DRLL, LOGL_DEBUG, "Dispatching 04.08 message %s (0x%x:0x%x)\n", LOGP(DRLL, LOGL_DEBUG, "Dispatching 04.08 message %s (0x%x:0x%x)\n",
gsm48_pdisc_msgtype_name(pdisc, gsm48_hdr_msg_type(gh)), gsm48_pdisc_msgtype_name(pdisc, gsm48_hdr_msg_type(gh)),
pdisc, gsm48_hdr_msg_type(gh)); pdisc, gsm48_hdr_msg_type(gh));
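Review bot: The new `OSMO_ASSERT(msg->l3h)` sits before `OSMO_ASSERT(msg)`, so a NULL msg is dereferenced before the assertion meant to catch it; that line also lacks a terminating semicolon, which only compiles if the macro expands to a complete statement. Reordering to `OSMO_ASSERT(conn);`, `OSMO_ASSERT(msg);`, `OSMO_ASSERT(msg->l3h);` makes each check do its job. Separately, nothing visible here verifies that the L3 part holds a full `struct gsm48_hdr` before `gsm48_hdr_pdisc(gh)` and `gsm48_hdr_msg_type(gh)` read it. Since this is the entry point for Layer 3 data arriving from the BSC, a runtime rejection such as `if (msgb_l3len(msg) < sizeof(*gh)) return -EINVAL;` would be worth adding, rather than an assertion, unless callers already guarantee the length. The function body continues past the end of the hunk.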