aboutsummaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2019-07-31WIP: gsm_412 Cell Broadcastlaforge/cbchHarald Welte1-0/+68
Related: OS#3537 Change-Id: I1a17c2ae8bf62150327956c10cb5bb896939e3fd
2019-07-30vty/vty.c: the command buffer can be accessed directlyVadim Yanitskiy1-7/+7
Change-Id: Ic6d7d68e9a559a6fb5bd6eaf6eccceae51e7ed39
2019-07-30vty/vty.c: fix vty_read(): prevent further heap-buffer overrunVadim Yanitskiy1-0/+2
After reading data from the socket, assigned to a given VTY, we need to '\0'-terminate the received string. Otherwise, further access to that string, stored in a heap buffer vty->buf, would lead to a heap overrun. == How to reproduce? $ python -c "print 'A' * 512" | telnet $HOST $PORT ==21264==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x6190000211e0 at pc 0x000000435d2f bp 0x7ffc06c7add0 sp 0x7ffc06c7a578 READ of size 1025 at 0x6190000211e0 thread T0 #0 0x435d2e in __interceptor_strlen (/usr/local/bin/osmo-msc+0x435d2e) #1 0x7fb95bfa5624 in talloc_strdup (/usr/lib/x86_64-linux-gnu/libtalloc.so.2+0x6624) #2 0x7fb95c1be2bc in vty_hist_add /opt/osmocom/libosmocore/src/vty/vty.c:578 #3 0x7fb95c1be2bc in vty_execute /opt/osmocom/libosmocore/src/vty/vty.c:703 #4 0x7fb95c1be2bc in vty_read /opt/osmocom/libosmocore/src/vty/vty.c:1425 #5 0x7fb95c1bfd78 in client_data /opt/osmocom/libosmocore/src/vty/telnet_interface.c:157 #6 0x7fb95b90bd33 in osmo_fd_disp_fds /opt/osmocom/libosmocore/src/select.c:223 #7 0x7fb95b90bd33 in osmo_select_main /opt/osmocom/libosmocore/src/select.c:263 #8 0x5006cc in main /opt/osmocom/osmo-msc/src/osmo-msc/msc_main.c:723:3 #9 0x7fb959935f44 in __libc_start_main /build/eglibc-xkFqqE/eglibc-2.19/csu/libc-start.c:287 #10 0x4226fb in _start (/usr/local/bin/osmo-msc+0x4226fb) == Why exactly 512? Because the initial size of the heap buffer is 512 (see VTY_BUFSIZ). Later on it can be realloc()ated, so X > 512 should also work. Found using AddressSanitizer and Radamsa [1] fuzzer. [1] https://gitlab.com/akihe/radamsa Change-Id: I82f774ad18d0e555eb8f3590a519946d9c583c78
2019-07-30vty/telnet_interface.c: log connection accept() / close() eventsVadim Yanitskiy1-0/+12
Unfortunately, osmo_sock_get_name_buf() fails in telnet_close_client(): DLGLOBAL INFO telnet_interface.c:130 Closing telnet connection <error-in-getsockname> because getsockname(), getpeername(), and even close() fail with: "Bad file descriptor". This looks like a bug of the existing code. Change-Id: I77b31abfa159d2f269deaa5a08d94b7bbba7d23c
2019-07-30gsm0808_test: Fix wrong use of memcpPau Espin Pedrol1-1/+4
After recent system upgrade, gcc 9.1.0, I started getting gsm0808_test failing locally: Assert failed memcmp(&enc_ct, &dec_ct, sizeof(enc_ct)) == 0 libosmocore/tests/gsm0808/gsm0808_test.c:992 During investigation with gdb, fields of both structures seem to contain same values. However, closer lookup gives some hints on why it fails: (gdb) print memcmp(&enc_ct, &dec_ct, sizeof(enc_ct)) $1 = 85 (gdb) print memcmp(&enc_ct, &dec_ct, 12) $14 = 85 (gdb) print ((uint8_t*)&enc_ct)[11] $15 = 85 'U' (gdb) print ((uint8_t*)&dec_ct)[11] $16 = 0 '\000' So the 12th byte in struct gsm0808_channel_type is basically an alignment padding byte added by the compiler (to align perm_spch_len to 4-byte alignment). Since both compared structs are initialized without memset(0) but using compiler's designated initializers, it seems the compiler decided it's no longer needed to zero the padding byte, making memcp fail in this case. In order to avoid the failure, let's properly check every field instead of using memcp here. Change-Id: I17fe7a0a5dc650f050bba1f47d071be749550729
2019-07-30vty/logging_vty.c: fix writing of 'print category-hex'Vadim Yanitskiy1-0/+2
Change-Id: I33837f0fac1afe83596fa600916abc05ecb8c356
2019-07-27vty/telnet_interface.c: avoid unneeded initializationVadim Yanitskiy1-1/+1
Unconditional initialization follows the structure definition, so there is no need to do it twice. This prevents compiler from warning about potential errors. Change-Id: If9fd2826f132dfa203dda62940d93dbdfcfd92ac
2019-07-27vty/telnet_interface.c: use DLGLOBAL logging sub-systemVadim Yanitskiy1-2/+2
Change-Id: I1564f4714a33d36792e4982deb8f19d1b740dc0c
2019-07-26gsm/gsm48.h: drop meaningless 'const' from gsm48_mi_to_string()Vadim Yanitskiy2-4/+2
Change-Id: I5eb17edadf89ac47b4ca86c9e822037f7c0e518e
2019-07-25stats_vty: Add verb to sentence for show asciidoc countersDaniel Willmann1-1/+1
Change-Id: Ib444383d2074ddb89b3fe5bbf198bcbfabd7057f
2019-07-21tell ubsan to ignore SUN_LENEric Wild1-0/+3
ubsan will report undefined behavior due to the SUN_LEN macros interaction with a null pointer, so let's tell ubsan to ignore this function. After carefully reviewing the final publically availlable drafts of the C99,C11 and C18 standards I can confirm that dereferencing null pointers is still undefined behavior, as such ubsan will always warn with absolutely every existing compiler version. Since the sanitizers are periodically synced between llvm and gcc I'm also fairly confident that rebuilding everything with compiler_rt to use the integrated sanitizers would result in the same message. I sincerly hope that this explanation provides to be sufficient, If not I'd be willing to show up at the next llvm dev meeting to provide quotes from actual sanitizer developers to back up these claims. Change-Id: I0ff445072f1b46390c9f70b21d61c789e39358d5
2019-07-21gsm/gsm0480.c: use DLGLOBAL and LOGL_ERROR for loggingVadim Yanitskiy1-13/+13
Change-Id: Id38272ff93fae6d2fdf39df4ffc74856d6c9a898
2019-07-21gsm/gsm0480.c: parse_ss(): drop needless debug printVadim Yanitskiy1-2/+0
Change-Id: Ie18c291d0cfe3b246d09ac6cfd9591951a2984c8
2019-07-21osmo_get_rand_id(): Avoid dead code by proper #if/#else/#endifHarald Welte1-1/+2
Change-Id: I34e465dead179487f7d4508e0e6ecf0e838c6eb7 Closes: CID#177910
2019-07-21tdef: remove bogus OSMO_ASSERT(unsigned long >= 0)Harald Welte1-1/+0
Change-Id: I7a544d2d43b83135def296674f777e48fe5fd80a Closes: CID#190866
2019-07-21cbsp.c: Remove dead codeHarald Welte1-3/+1
Change-Id: I0888fbad0f9094ec1b31e2cceecfc9cd372399bd Closes: CID#202057
2019-07-20Add Cell Broadcast related definitions from 3GPP TS 23.041Harald Welte2-0/+90
Change-Id: I1e2c62cb9047648907c91b99f764f6caba8f4493
2019-07-20cbsp: Introduce osmo_cbsp_errstrHarald Welte3-28/+102
Rather than having the encoder/decoder library print some log messages in case of encoding/decoding errors, let's provide something akin to 'errno', but with a string instead of a numeric error code. The 'osmo_cbsp_errstr' global variable (if set) contains a human-readable string describing the most recent encoding/decoding error. It exists separately for each thread and hence can be used safely in multi-threaded environments. Change-Id: Id9a5a595a76ba278647aee9470ded213d8464103
2019-07-20CBSP (Cell Broadcast Service Protocol; 3GPP TS 48.049) supportHarald Welte7-1/+1954
This introduces definitions as well as a parser+encoder for the Cell Broadcast Service Protocol (CBSP) as specified in 3GPP TS 48.049. CBSP is used on the interface between CBC and BSC. Related: OS#3537 Change-Id: I5b7ae08f67e415967b60ac4b824db9e22ca00935
2019-07-18bitvec/bitval2mask(): cosmetic: get rid of temporary int variableVadim Yanitskiy1-11/+4
Change-Id: I9d6f6b66c99c43107d1ad3e80af332e967bb19e8
2019-07-18osmo_gsm48_rest_octets_si3_decode(): fix copy-paste error in commentVadim Yanitskiy1-1/+1
Change-Id: I57a330e16cc2910597672e1b27cf971499cea5bc
2019-07-17Set HTML_TIMESTAMP to NO to make build reproducibleRuben Undheim4-4/+4
Change-Id: I56cce5cda0621f5e9f1c28aaad4646e9e267d17d
2019-07-11contrib/jenkins.sh: run "make maintainer-clean"Oliver Smith1-0/+1
Related: OS#3047 Change-Id: Ic147678e7906a8b9ad7fac8367602b656f4172e6
2019-07-10libosmogsm/l1sap.h: extend ph_rach_ind_param with lqual_cbVadim Yanitskiy1-0/+1
The link quality, defined by C/I (Carrier-to-Interference) ratio, can be computed from the training sequence of each burst, where we can compare the "ideal" training sequence with the actual training sequence and then express that in cB (centiBels, dB * 10). By analogy with both RSSI and ToA, it can be used to filter out false-positive detections and ghost Access Bursts. Change-Id: Ie2a66ebd040b61d6daf49e04bf8a84d3d64764ee
2019-07-09Revert "utils.h: require a semi colon after OSMO_ASSERT"Vadim Yanitskiy1-2/+2
This reverts commit 4e284b637943980a405a8c44f2712b749ded428f. Unfortunately, some projects such as OsmoMSC, OsmoBTS and OpenBSC do contain OSMO_ASSERT statements without a semi colon. Thus, this change causes compilation errors when building them. Please note that only the OSMO_ASSERT's definition is reverted, while changes to other files (adding missing semicolons) are kept. Change-Id: I6da4d7397d993f6c1af658cb5ae1e49c92a1b350
2019-07-08utils.h: require a semi colon after OSMO_ASSERTAlexander Couzens3-6/+6
When using `OSMO_ASSERT(exp);` clang will warn about an empty expression because the semi colon was superflous. Use do {} while (0) to enfore the need of a semi colon. This might break other test. Change-Id: I2272d29a81496164bebd1696a694383a28a86434
2019-06-28Makefile.am: don't delete example.xml, vtydoc.xsdOliver Smith1-2/+4
Do not remove the entire doc/vty/ dir during the doxygen generation, because it contains versioned files. Fixes: 2fe50ac9511469a587426b80501b2b5da770e3a0 ("doxygen: enable cross referencing everywhere") Related: OS#3986 Change-Id: I884398c5e834ae2fac0af8c9b52d65bb3ceacb2d
2019-06-28gitignore: add doc/*.tag.prepOliver Smith1-0/+1
Ignore files created during the two-pass doxygen generation that was introduced in Ib03d0b70d536c8f1386def666c89106a840f7363. Change-Id: I719bbc968420c462426d2c0ce703c7f3b2c1139e
2019-06-25vty: Simplify char escaping in asciidoc outputPau Espin Pedrol1-9/+4
Change-Id: I7df6858bb98abffc1d5bf420f991ae5854b24638
2019-06-21gsm: lapd_core: Log timeout used upon start of T200Pau Espin Pedrol1-1/+2
The timeout is calculated dynamically in t200_by_lchan() based on FN advance value estimated by bts_get_avg_fn_advance(), so it's informative to have the final value printed out. Change-Id: Ib50a9c23de881c66c9218833703cc41101e06bfd
2019-06-19vty: Remove trailing whitespace in output from show asciidocPau Espin Pedrol1-2/+2
Change-Id: Ifb3115c7488fbcf082cc9b92abc25cf7c46064e0
2019-06-17bitvec: correct comment in bitvec_allocAlexander Couzens1-1/+1
The function allocates x bytes not bits for the vector. Change-Id: I60fbe9fe9acd11c5d3232207f1bb677e8a98625f
2019-06-17add define for magic tmsi constantEric Wild1-0/+1
Change-Id: I52b9f6b5f3e96d85a390ba2af21d7814df8aaeec
2019-06-16Revert "fsm.c: Print error message for FSM with allstate_action but no events"Vadim Yanitskiy1-11/+0
This reverts commit b3f94eb39e19366c3458643ee329a73155d46ff8, that unfortunately breaks some projects which call osmo_fsm_register() on DSO load (i.e. using __attribute__((constructor))) before the logging is initialized. Change-Id: Idc6fcce7e946c23d48589b920e309d60aa7b6645
2019-06-15fsm.c: Print error message for FSM with allstate_action but no eventsHarald Welte1-0/+11
As suggested by Vadim while reviewing a related fix for ipa_keepalive.c in libosmo-abis (see https://gerrit.osmocom.org/#/c/libosmo-abis/+/13540/), it makes sense to print an error message if anyone registers a FSM that specifies an allstate_action callback but at the same time no events that would ever end up in that callback. Change-Id: I9e73f7363ab15a00843e3f0d1e5776f4be7ebc46
2019-06-14vty: command.c: Fix: single-choice optional args are no longer passed ↵Pau Espin Pedrol2-6/+15
incomplete to vty func For instance, take command "single0 [one]": If user executes "single0 on", VTY func will receive argv[0]="one" instead of argv[0]="on". Related: OS#4045 Change-Id: I5f4e2d16c62a2d22717989c6acc77450957168cb
2019-06-14vty: command.c: Fix: multi-choice args are no longer passed incomplete to ↵Pau Espin Pedrol3-18/+56
vty func For instance, take command "multi0 (one|two|three)": If user executes "multi0 tw", VTY func will receive argv[0]="two" instead of argv[0]="tw". Fixes: OS#4045 Change-Id: I91b6621ac3d87fda5412a9b415e7bfb4736c8a9a
2019-06-14vty: tests: Verify incomplete optional parameters are passed to vty funcsPau Espin Pedrol2-0/+18
The test shows that in the case were "single0 on" is executed, VTY function should return complete "single0 one" but it doesn't. Related: OS#4045 Change-Id: Ib5b9dc07e2b280dc95011b3926afb1d490cadd81
2019-06-14vty: command.c: Get rid of big indentation blockPau Espin Pedrol1-30/+30
This block will become bigger in forthcoming commits. Change-Id: Ibc1494014b1e77ce10950f7268a44d2d2091a6f2
2019-06-14command.c: Improve return check condition in cmd_execut_command_real()Pau Espin Pedrol1-2/+2
Check against MAX argc is changed to == since it cannot be incremented twice without passing the check. Change-Id: Ia330e475989fda863bedcc3cbf94deaf8dd83037
2019-06-13logging: Use reentrant ctime_r instead of ctimePau Espin Pedrol1-5/+8
It was noticed that multithreaded processes like osmo-trx can crash upon using ctime(). Related: OS#4055 Change-Id: I19ebf29a2f1fc855bb7d56766b338c7c3432dfd1
2019-06-13(minor) fix typo in commentsKévin Redon1-3/+3
Change-Id: I697af428a2ea9a0ccd3f04ba8ec4664935ae29f8
2019-06-13logging: Check return error from time() callPau Espin Pedrol1-1/+2
Related: OS#4055 Change-Id: Ief155a76169426a677256e09d3e91751c4e2529f
2019-06-13minor: don't redefine macrosKévin Redon2-0/+4
the DEBUG macro name and ARRAY_SIZE macro function are frequently used in other projects. If these projects also use libosmocore, the macros will be redefined. This also generates a warning message during compilation. Not redefining the macros removes the warning message and possible (but unlikely) mis-redefinition. Change-Id: I0ba91eae8eacc5542d1647601b372e417ed1713c
2019-06-13fix isdigit taking unsigned as inputKévin Redon2-2/+2
fixes the following error warnings when cross-compiling using: ./configure --enable-static --prefix=/usr/local/arm-none-eabi --host=arm-none-eabi --enable-embedded --disable-doxygen --disable-shared --disable-pseudotalloc --enable-external-tests CFLAGS="-Os -ffunction-sections -fdata-sections -nostartfiles -nodefaultlibs -Werror -Wno-error=deprecated -Wno-error=deprecated-declarations -Wno-error=cpp -mthumb -Os -mlong-calls -g3 -mcpu=cortex-m4 -mfloat-abi=softfp -mfpu=fpv4-sp-d16 -Wno-error=format" utils.c:1002:18: error: array subscript has type 'char' [-Werror=char-subscripts] 1002 | if (!isdigit(in[i])) gsm23003.c:414:34: error: array subscript has type 'char' [-Werror=char-subscripts] 414 | if (!mnc_str || !isdigit(mnc_str[0]) || strlen(mnc_str) > 3) Change-Id: Ia13fd5ee79fc6dc3291c0b99958ab3c01afee17d
2019-06-12vty: command.c: Get rid of huge indentation blockPau Espin Pedrol1-91/+94
Huge conditional block inside for loop is negated in this patch together with a "continue" keyword, similar to what was already done recently in 4742526645d6137dd90ef369f0415afdb91736dc. Change-Id: I803c4ed38e9ab09bf929528c75a60e6f65da3928
2019-06-12cosmetic: vty: command.c: Use upper case for enum match_type value namesPau Espin Pedrol1-101/+101
Makes code easier to follow because enum values no longer look like variables. Change-Id: Ib6e9592c5962d047869a280c10f9b557fae6f435
2019-06-12protocol/gsm_04_08.h: do not check if unsigned is positiveVadim Yanitskiy1-3/+3
Change-Id: I6b486b52a3733d5fd5e8ba18acbc9374e2e8bd7e
2019-06-12core/utils: drop meaningless const from return value of osmo_luhn()Vadim Yanitskiy2-2/+2
Change-Id: I085da06f31a0a6862ae2ba041fafc134cc240f7e
2019-06-11vty: command.c: Fix is_cmd_ambiguous() returning always 0Pau Espin Pedrol3-43/+14
inner block defined variable "enum match_type ret" was being masking outter block variable "int ret = 0". The ret variable was being given non zero values only inside the inner block, so that change was done on the inner variable and not the outer one, which is returned. Fixes: 5314c513f23688462d7f7937e5ae5e0d5cd4548e Change-Id: Iec87d7db49a096d07e38ff8a060b923a52bfd6ba