authorHarald Welte <laforge@gnumonks.org>2019-02-18 12:36:54 +0100
committerHarald Welte <laforge@gnumonks.org>2019-02-18 13:11:03 +0000
commit10ba47dd37951a4f572626c1a8df50242a4c47da (patch)
tree5e297b898908d699d9d04eaae7e632c8a44fd6d9 /src/gsm
parent2cbe25f4844c82930078bbada753a9b079bf287b (diff)
Fix BSSMAP length generated by gsm0808_create_clear_command2()
In Change-Id Id8a75e1da2d5f520064666e4ee413d1c91da6ae3 we recently introduced adding the "CSFB INDICATOR" IE to the CLEAR COMMAND, but we did so with a wrong length value. Change-Id: I4d07d25fb03ca0f89fd7b94226c54309c77a010a Closes: OS#3805 Related: OS#2778
diff --git a/src/gsm/gsm0808.c b/src/gsm/gsm0808.c
--- a/src/gsm/gsm0808.c
+++ b/src/gsm/gsm0808.c
@@ -201,13 +201,19 @@ struct msgb *gsm0808_create_clear_command(uint8_t cause)
* \returns callee-allocated msgb with BSSMAP Clear Command message. */
struct msgb *gsm0808_create_clear_command2(uint8_t cause, bool csfb_ind)
- struct msgb *msg = gsm0808_create_clear_command(cause);
+ struct msgb *msg = msgb_alloc_headroom(BSSMAP_MSG_SIZE, BSSMAP_MSG_HEADROOM,
+ "bssmap: clear command");
if (!msg)
return NULL;
+ msgb_v_put(msg, BSS_MAP_MSG_CLEAR_CMD);
+ gsm0808_enc_cause(msg, cause);
if (csfb_ind)
msgb_v_put(msg, GSM0808_IE_CSFB_INDICATION);
+ msg->l3h = msgb_tv_push(msg, BSSAP_MSG_BSS_MANAGEMENT, msgb_length(msg));
return msg;