osmo-pcu/src
Neels Hofmeyr 3de6d0602f fix PACCH paging: don't return early in case of NULL TBF
Commit b78a4a6dfe tried to fix a NULL dereference
error, but apparently was overly eager to return, because it looked like all
code paths would dereference the tbf.

In fact the code path further above, for msg != NULL, has "always" dereferenced
the tbf, but the lower code path, the one effecting the paging, has only
started to dereference tbf since shortly before the overly eager fix: in
da7250ad2c, to "update the dl ctrl msg counter
for ms". It seems that this tbf dereference in the paging path is bogus and the
cause for the segfault that made me write the early exit fix.

Fix that fix:

Do not exit early if tbf == NULL, stay in there to be able to reach the paging
path below.

In case of a message to be sent, assume that tbf is present, and verify: print
an error message and abort if there is a msg but no tbf, so that we will see
the error if I'm wrong there. If a tbf is missing, free the msg.

In case of no message, go on to send pending pagings, but do not attempt to
count ctrl messages for a tbf -- IIUC there will never be a tbf if we're
paging.

This should avoid segfaults while keeping PACCH paging intact.

Tweak a comment for and add a blank line above the paging section.

Related: OS#2176 CID#158969
Change-Id: Ib79f4a945e211a13ac7d1e511cc37b0940ac6202
2017-05-15 10:40:34 +00:00
osmo-bts-litecell15 Use qbit-TA to update Timing Advance 2016-10-19 08:23:29 +00:00
osmo-bts-sysmo Use qbit-TA to update Timing Advance 2016-10-19 08:23:29 +00:00
.gitignore Adding .gitignore to source directory 2012-06-27 17:45:15 +02:00
Makefile.am Install the pcuif_proto.h header file 2016-11-17 21:09:55 +01:00
bitvector.cpp bitvector: Remove code clone and fallback to C implementation 2016-07-13 16:26:32 +00:00
bitvector.h bitvector: Remove code clone and fallback to C implementation 2016-07-13 16:26:32 +00:00
bts.cpp bts.cpp: Fix overloading ambiguity 2017-03-13 11:25:14 +00:00
bts.h bts.cpp: Fix overloading ambiguity 2017-03-13 11:25:14 +00:00
csn1.cpp Fix CSN1 decoding: CSN_LEFT_ALIGNED_VAR_BMP bounds 2016-09-14 01:26:34 +00:00
csn1.h Ported fixes and improvements from Wireshark for RLC/MAC control block decoding. Part 1. 2012-10-10 19:43:37 +04:00
cxx_linuxlist.h llist: Add missing const qualifier in llist cast method 2015-08-24 12:23:50 +02:00
decoding.cpp Add debugging log for RLC data block decoding 2016-12-02 09:15:53 +00:00
decoding.h Add header type 1 support for EGPRS uplink 2016-06-16 14:32:07 +00:00
egprs_rlc_compression.cpp Add compression support in EGPRS PUAN 2017-01-23 12:26:09 +00:00
egprs_rlc_compression.h Add compression support in EGPRS PUAN 2017-01-23 12:26:09 +00:00
encoding.cpp Support sending OML Alerts via BTS 2017-03-17 17:01:28 +00:00
encoding.h Handle packet access reject during EPDAN/PDAN with channel description 2016-11-11 17:15:10 +05:30
gprs_bssgp_pcu.cpp logging fixup: shorter names for LOGGING_FILTER_* and LOGGING_CTX_* 2017-02-23 18:11:44 +01:00
gprs_bssgp_pcu.h bssgp: Use measured leak rate for flow control 2015-09-11 11:52:02 +02:00
gprs_codel.c llc: Add CoDel AQM implementation 2015-07-21 19:22:32 +02:00
gprs_codel.h llc: Add CoDel AQM implementation 2015-07-21 19:22:32 +02:00
gprs_coding_scheme.cpp Add data structure for ARQ-II in EGPRS DL 2016-07-12 14:17:12 +05:30
gprs_coding_scheme.h Modify EGPRS DL TBF flow to support SPB 2016-08-25 10:41:33 +00:00
gprs_debug.cpp logging fixup: shorter names for LOGGING_FILTER_* and LOGGING_CTX_* 2017-02-23 18:11:44 +01:00
gprs_debug.h gprs_debug.h: remove unused cruft / cosmetic tweaks 2017-02-20 15:30:18 +00:00
gprs_ms.cpp Add counter at BTS level And statistics at TBF/MS level. 2016-12-22 14:09:04 +00:00
gprs_ms.h Add counter at BTS level And statistics at TBF/MS level. 2016-12-22 14:09:04 +00:00
gprs_ms_storage.cpp pcu: Fix memory corruption bugs (ASAN) 2016-02-01 13:56:32 +01:00
gprs_ms_storage.h pcu: Fix memory corruption bugs (ASAN) 2016-02-01 13:56:32 +01:00
gprs_rlcmac.cpp debug_diagram: Remove the special debug_diagram compilation mode 2013-11-26 20:57:24 +01:00
gprs_rlcmac.h Remove useless ARFCN parameter 2016-07-26 00:20:23 +00:00
gprs_rlcmac_meas.cpp Add statistics in the ms and tbf level. 2016-12-09 12:05:43 +00:00
gprs_rlcmac_sched.cpp fix PACCH paging: don't return early in case of NULL TBF 2017-05-15 10:40:34 +00:00
gprs_rlcmac_ts_alloc.cpp utils: Add pcu_bitcount and pcu_lsb 2016-02-08 00:45:36 +01:00
gsm_rlcmac.cpp rlc: Add decode_gsm_ra_cap to decode Radio Access Caps 2016-02-08 00:45:36 +01:00
gsm_rlcmac.h rlc: Add decode_gsm_ra_cap to decode Radio Access Caps 2016-02-08 00:45:36 +01:00
gsm_timer.cpp bts: Move the frame_number into the BTS structure 2013-10-30 21:20:45 +01:00
gsm_timer.h move everything to src/ subdirectory 2012-06-14 20:48:42 +08:00
llc.cpp llc: Add move_and_merge method to llc_queue 2015-08-21 19:02:18 +02:00
llc.h llc: remove NULL-pointer check of gprs_llc_queue::size()/octets() 2016-10-18 11:51:02 +02:00
osmobts_sock.cpp Support sending OML Alerts via BTS 2017-03-17 17:01:28 +00:00
pcu_l1_if.cpp Support sending OML Alerts via BTS 2017-03-17 17:01:28 +00:00
pcu_l1_if.h Support sending OML Alerts via BTS 2017-03-17 17:01:28 +00:00
pcu_main.cpp main, tests: use msgb_talloc_ctx_init() (new) 2017-02-08 17:37:55 +01:00
pcu_utils.h utils: Add pcu_bitcount and pcu_lsb 2016-02-08 00:45:36 +01:00
pcu_vty.c Fix dozens of compiler warnings across the board 2017-02-08 17:37:55 +01:00
pcu_vty.h vty: Change API to have node installation be done by int 2015-08-17 16:23:27 +02:00
pcu_vty_functions.cpp Add counter at BTS level And statistics at TBF/MS level. 2016-12-22 14:09:04 +00:00
pcu_vty_functions.h tbf: Use LListHead instead of llist_pods 2016-02-01 13:58:13 +01:00
poll_controller.cpp tbf: Use LListHead instead of llist_pods 2016-02-01 13:58:13 +01:00
poll_controller.h poll: Add a max_delay parameter to PollController::expireTimedout 2015-08-28 12:23:07 +02:00
rlc.cpp dl tbf: initialize punct values and verify 2017-02-14 12:20:57 +01:00
rlc.h Add test case for testing PUAN 2017-01-24 15:53:35 +05:30
sba.cpp Log additional info for radio errors 2017-01-16 10:10:01 +01:00
sba.h misc: Do not mix struct/class in the forward declaration 2014-07-02 14:48:44 +02:00
tbf.cpp tbf.cpp: use new tlli instead of old tlli 2017-05-01 16:57:48 +00:00
tbf.h Handle packet access reject during packet resource request 2017-01-24 13:11:51 +00:00
tbf.txt Doc: Update on README and tbf.txt 2012-12-18 10:04:03 +01:00
tbf_dl.cpp dl tbf: initialize punct values and verify 2017-02-14 12:20:57 +01:00
tbf_ul.cpp Add compression support in EGPRS PUAN 2017-01-23 12:26:09 +00:00