From d747573feb55fe93e4fa84c46bf5f2c9d1c70642 Mon Sep 17 00:00:00 2001 From: Harald Welte Date: Sat, 19 Oct 2019 17:19:27 +0200 Subject: ipa: Fix crash when parsing of received IPA SCCP message fails If an IPA ASP is sending us a SCCP message that cannot be parsed, we shouldn't crash but handle this gracefully. Change-Id: Ib7a8c2a36dd1b82ca8ed472760c1682ede50cb90 Fixes: OS#4236 --- src/ipa.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/src/ipa.c b/src/ipa.c index d013916..eeefbe8 100644 --- a/src/ipa.c +++ b/src/ipa.c @@ -204,6 +204,8 @@ static struct msgb *patch_sccp_with_pc(struct osmo_ss7_asp *asp, struct msgb *sc /* re-encode SUA to SCCP and return */ sccp_msg_out = osmo_sua_to_sccp(sua); + if (!sccp_msg_out) + LOGPASP(asp, DLSS7, LOGL_ERROR, "Couldn't re-encode SUA to SCCP\n"); xua_msg_free(sua); return sccp_msg_out; } @@ -259,6 +261,10 @@ static int ipa_rx_msg_sccp(struct osmo_ss7_asp *asp, struct msgb *msg) /* Second, patch this into the SCCP message */ msg = patch_sccp_with_pc(asp, msg, opc, dpc); + if (!msg) { + LOGPASP(asp, DLSS7, LOGL_ERROR, "Unable to patch PC into SCCP message; dropping\n"); + return -1; + } /* Third, create a MTP3/M3UA label with those point codes */ memset(&data_hdr, 0, sizeof(data_hdr)); -- cgit v1.2.3