From dd262263954cc01a986ac5232bfd762cd772d6b6 Mon Sep 17 00:00:00 2001
From: Pau Espin Pedrol <pespin@sysmocom.de>
Date: Thu, 13 Jan 2022 14:06:44 +0100
Subject: [PATCH] call_leg: local_bridge: Avoid null pointer access if CN-side
 not ready

This happens if for instance an HNBGW drops the RAB-AssignmentRequest
and does nothing with it.

call_leg.c:348:15: runtime error: member access within null pointer of type 'struct rtp_stream'

Related: OS#5401
Change-Id: I67d2d5b2dd3b367c34f929d63c056306ec001431
---
 src/libmsc/call_leg.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/src/libmsc/call_leg.c b/src/libmsc/call_leg.c
index 6242a8034..e890f753a 100644
--- a/src/libmsc/call_leg.c
+++ b/src/libmsc/call_leg.c
@@ -344,6 +344,9 @@ int call_leg_local_bridge(struct call_leg *cl1, uint32_t call_id1, struct gsm_tr
 	}
 	codec = cl1->rtp[RTP_TO_RAN]->codec;
 
+	if (!cl1->rtp[RTP_TO_CN] || !cl2->rtp[RTP_TO_CN])
+		return -ENOTCONN;
+
 	call_leg_ensure_ci(cl1, RTP_TO_CN, call_id1, trans1,
 			   &codec, &cl2->rtp[RTP_TO_CN]->local);
 	call_leg_ensure_ci(cl2, RTP_TO_CN, call_id2, trans2,