From 0bf622e0573ae44b90f14a0bbc2a9ef21f5bf457 Mon Sep 17 00:00:00 2001
From: Vadim Yanitskiy <axilirator@gmail.com>
Date: Sat, 9 Nov 2019 01:57:17 +0700
Subject: gprs_bssgp_destroy(): fix memleak and NULL-pointer dereference

So far there was a memory leak, because free()ing 'the_pcu.bctx'
would cause ASAN to complain. And that's reasonable, because it
needs to be freed properly. Moreover, 'the_pcu.bctx' may simply
be uninitialized in some cases, e.g. when OsmoPCU is terminated
before connecting to the SGSN.

Let's use the new bssgp_bvc_ctx_free() from libosmogb.

Change-Id: I274e79e1746c7678b81720ec11e8a564befe38ba
Depends: Ia78979379dbdccd6e4628c16f00d0c06d9212172
---
 src/gprs_bssgp_pcu.cpp | 7 +------
 1 file changed, 1 insertion(+), 6 deletions(-)

(limited to 'src')

diff --git a/src/gprs_bssgp_pcu.cpp b/src/gprs_bssgp_pcu.cpp
index dd9eb686..914afc07 100644
--- a/src/gprs_bssgp_pcu.cpp
+++ b/src/gprs_bssgp_pcu.cpp
@@ -971,12 +971,7 @@ void gprs_bssgp_destroy(void)
 
 	gprs_ns_destroy(nsi);
 
-	/* FIXME: move this to libgb: btsctx_free() */
-	llist_del(&the_pcu.bctx->list);
-#warning "This causes ASAN to complain. It is not critical for normal operation but should be fixed nevertheless"
-#if 0
-	talloc_free(the_pcu.bctx);
-#endif
+	bssgp_bvc_ctx_free(the_pcu.bctx);
 	the_pcu.bctx = NULL;
 }
 
-- 
cgit v1.2.3