From 72bf3f8d8a94a75077050ed77277fe16db24b4da Mon Sep 17 00:00:00 2001
From: "Andreas.Eversberg" <jolly@eversberg.eu>
Date: Sun, 29 Aug 2010 08:57:23 +0000
Subject: [PATCH] [layer23] Fix of corrupt MM event messages

---
 src/host/layer23/src/mobile/subscriber.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/src/host/layer23/src/mobile/subscriber.c b/src/host/layer23/src/mobile/subscriber.c
index a316c8e73..9f791c86d 100644
--- a/src/host/layer23/src/mobile/subscriber.c
+++ b/src/host/layer23/src/mobile/subscriber.c
@@ -783,12 +783,14 @@ int gsm_subscr_generate_kc(struct osmocom_ms *ms, uint8_t key_seq,
 		nmsg = gsm48_mmevent_msgb_alloc(GSM48_MM_EVENT_AUTH_RESPONSE);
 		if (!nmsg)
 			return -ENOMEM;
-		nmme = (struct gsm48_mm_event *)msgb_put(nmsg, sizeof(*nmme));
+		nmme = (struct gsm48_mm_event *) nmsg->data;
 		nmme->sres[0] = 0x12;
 		nmme->sres[1] = 0x34;
 		nmme->sres[2] = 0x56;
 		nmme->sres[3] = 0x78;
 		gsm48_mmevent_msg(ms, nmsg);
+
+		return 0;
 	}
 
 	LOGP(DMM, LOGL_INFO, "Generating KEY at SIM\n");
@@ -860,7 +862,7 @@ static void subscr_sim_key_cb(struct osmocom_ms *ms, struct msgb *msg)
 	nmsg = gsm48_mmevent_msgb_alloc(GSM48_MM_EVENT_AUTH_RESPONSE);
 	if (!nmsg)
 		return;
-	nmme = (struct gsm48_mm_event *)msgb_put(nmsg, sizeof(*nmme));
+	nmme = (struct gsm48_mm_event *) nmsg->data;
 	nmme->sres[0] = 0x12;
 	nmme->sres[1] = 0x34;
 	nmme->sres[2] = 0x56;