cellular-infrastructure
/
osmo-msc
mirror of https://gerrit.osmocom.org/osmo-msc
9
0
Fork 0
Code Issues Releases Wiki Activity
Osmocom Mobile Switching Centre
6,277 Commits 88 Branches 106 Tags 41 MiB
C 96.9%
Python 1.2%
Makefile 1%
M4 0.5%
Shell 0.4%
Go to file
Harald Welte a172e9e231 a_iface: Fix heap-use-after-free by cleaning up msgb ownership 
When we receive a msgb-wrapped primitive from the SCCP provider (stack),
it transfers msgb ownership to us (the SCCP user).  The existing code
passed the msgb ownership down into all the various downstream
functions, which each then had to take care of msgb free'ing.

Not all of the paths did eventually free the msgb.  And at least one
path used data from the primitive *after* the free

Let's restructure this in a way that no msgb ownership is transferred
down the call chain.  Instead, there's one common msgb_free() in
sccp_sap_up().  We can do this as nobody is queueing or otherwise
keeping the msgb.

Change-Id: Ie65616ccb55ec58a0224bbe3c8e004e6029ef3e6
SUMMARY: AddressSanitizer: heap-use-after-free /home/laforge/projects/git/osmo-msc/src/libmsc/a_iface.c:538 in sccp_sap_up
 		2018-02-09 22:21:20 +01:00
contrib jenkins.sh: Don't depend on osmo-ggsn 2018-01-25 00:18:05 +01:00
debian Migrate from OpenSSL to osmo_get_rand_id() 2017-12-27 11:11:14 +00:00
doc examples: apply mgcp_client vty rename from 'mgcpgw' to 'mgw' 2017-11-08 03:24:13 +00:00
include Introduce new BSSAP logging category/subsystem 2018-02-09 02:22:22 +01:00
m4 move openbsc/* to repos root 2017-07-12 23:17:10 +00:00
src a_iface: Fix heap-use-after-free by cleaning up msgb ownership 2018-02-09 22:21:20 +01:00
tests VLR tests: move network init into function 2018-02-07 13:01:49 +01:00
.gitignore Remove traces of meas_feed 2018-01-24 14:04:46 +00:00
.gitreview update .gitreview to new repo url 2017-08-08 17:26:28 +02:00
.mailmap add .mailmap file for mapping git author name/mail in shortlog 2016-08-08 17:40:28 +00:00
AUTHORS move openbsc/* to repos root 2017-07-12 23:17:10 +00:00
COPYING move openbsc/* to repos root 2017-07-12 23:17:10 +00:00
Makefile.am Remove unneeded .py scripts 2017-12-03 21:14:10 +00:00
README rewrite README 2017-09-06 16:33:41 +02:00
README.vty-tests Remove obsolete ./configure option 2017-11-29 14:24:54 +00:00
configure.ac Migrate from OpenSSL to osmo_get_rand_id() 2017-12-27 11:11:14 +00:00
git-version-gen git-version-gen: look for .git in ./, not ../ 2017-07-12 23:28:38 +00:00
osmoappdesc.py doc/examples: add detailed cs7 config examples 2017-09-07 03:10:36 +02:00

README 

About OsmoMSC
=============

OsmoMSC originated from the OpenBSC project, which started as a minimalistic
all-in-one implementation of the GSM Network. In 2017, OpenBSC had reached
maturity and diversity (including M3UA SIGTRAN and 3G support in the form of
IuCS and IuPS interfaces) that naturally lead to a separation of the all-in-one
approach to fully independent separate programs as in typical GSM networks.

OsmoMSC was one of the parts split off from the old openbsc.git. Before, it was
the libmsc part of the old OsmoNITB. Since a true A interface and IuCS for 3G
support is available, OsmoMSC exists only as a separate standalone entity.

OsmoMSC exposes
- GSUP towards OsmoHLR (or a MAP proxy);
- A over IP towards a BSC (e.g. OsmoBSC);
- IuCS towards an RNC or HNB-GW (e.g. OsmoHNBGW) for 3G voice;
- MNCC (Mobile Network Call Control derived from GSM TS 04.07);
- SMPP 3.4 (Short Message Peer-to-Peer);
- The Osmocom typical telnet VTY and CTRL interfaces.

Find OsmoMSC issue tracker and wiki online at
https://osmocom.org/projects/osmomsc
https://osmocom.org/projects/osmomsc/wiki