From 3b8ff68a0a3c6d495690a68c1663abfbed25870f Mon Sep 17 00:00:00 2001 From: Stefan Sperling Date: Tue, 8 May 2018 15:52:30 +0200 Subject: free msgb for primitive allocated in lm_timer_cb() of lm_fsm A primitive allocated in lm_timer_cb() with xua_xlm_prim_alloc() was never freed. Don't forget to free the msgb in osmo_xlm_sap_down(). Found by code inspection. Also, assert that allocation suceeded like we do elsewhere. Change-Id: Ie667b1b8beeda2aa4520a1413f51101435215cc0 Related: OS#2449 --- src/xua_default_lm_fsm.c | 1 + src/xua_rkm.c | 1 + 2 files changed, 2 insertions(+) diff --git a/src/xua_default_lm_fsm.c b/src/xua_default_lm_fsm.c index eba89c2..11a97a2 100644 --- a/src/xua_default_lm_fsm.c +++ b/src/xua_default_lm_fsm.c @@ -175,6 +175,7 @@ static int lm_timer_cb(struct osmo_fsm_inst *fi) * let's dynamically register */ osmo_fsm_inst_state_chg(fi, S_RKM_REG, 10, T_WAIT_RK_REG_RESP); prim = xua_xlm_prim_alloc(OSMO_XLM_PRIM_M_RK_REG, PRIM_OP_REQUEST); + OSMO_ASSERT(prim); as = find_first_as_in_asp(lmp->asp); if (!as) { LOGPFSML(fi, LOGL_ERROR, "Unable to find AS!\n"); diff --git a/src/xua_rkm.c b/src/xua_rkm.c index b3c5be7..b79f7f3 100644 --- a/src/xua_rkm.c +++ b/src/xua_rkm.c @@ -545,6 +545,7 @@ int osmo_xlm_sap_down(struct osmo_ss7_asp *asp, struct osmo_prim_hdr *oph) break; } + msgb_free(prim->oph.msg); return 0; } -- cgit v1.2.3