aboutsummaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2018-05-26ctrl: Add doxygen API documentation; generate html from itHarald Welte6-12/+1869
Closes: OS#3293 Change-Id: I8dc2f24d4bf557ff7bb0f2f46881f9f8d9d7f86f
2018-05-26ctrl: Introduce libosmoctrl.map to avoid unintended exportsHarald Welte3-0/+38
There are some symbols for use between control_cmd.c and control_if.c, which are not supposed to be exported publicly. Let's make sure we keep those symbols local. Change-Id: Ia85f36a9c4b2ebf4003718e0a230959638370320
2018-05-26cosmetic: Whitespace fixes in control_if.cHarald Welte1-3/+3
Change-Id: I24666d0b90a355e9fdefd280d48900b8cac1de64
2018-05-26Add enum gsm48_cause_coding from GSM 04.08 Section 10.5.4.11Keith1-0/+8
Change-Id: I3d9c8e117ad19f70a3273650d7c0f8280d7bdb9a
2018-05-25remove unused argument from pad_append_ctr() helper functionStefan Sperling1-7/+7
Change-Id: Iff5699be1dc306120cc1752b0a892e4fcbc5a8c0 Fixes: 97d3da2c591984b47839fd1d9a5cba24a7f05fa1 Related: OS#3245
2018-05-24Add a 'show rate-counters' VTY command.Stefan Sperling1-0/+17
Add a new VTY command which shows all rate counters registered with libosmocore. Change-Id: Id60a5aa2d961ae99cddf1e776358a5517dbc573d Depends: Idb3ec12494ff6a3a05efcc8818e78d1baa6546bd Related: OS#3245
2018-05-24introduce vty_out_rate_ctr_group_fmt() functionStefan Sperling2-0/+138
This new function can be used to print a rate counter group according to a format string. The intention is to generalize and replace manual printing of counters as implemented for the 'show statistics' VTY command of osmo-bsc. Related: OS#3245 Related: osmo-bsc commit 71d524c059c5a5c90e7cb77d8a2134c1c68b9cde (g#9217) Change-Id: Idb3ec12494ff6a3a05efcc8818e78d1baa6546bd
2018-05-24mncc: properly export osmo_mncc_name()Harald Welte3-4/+6
For some strange reason, the osmo_mncc_name() inline function was not in the mncc.h header, but in the mncc.c file. Let's fix that. Change-Id: I2c3666510c981dffa4ba25bed517fd7ebd1250f5
2018-05-17gsm: kasumi: Fix dynamic-stack-buffer-overflow on out buffers not multiple ↵Pau Espin Pedrol2-6/+15
of 64 bits Fixes following AddressSanitizer report during gea_test run with gcc 8.1.0: ==8899==ERROR: AddressSanitizer: dynamic-stack-buffer-overflow on address 0x7ffc5f1719bb at pc 0x7fe574adc5fe bp 0x7ffc5f171460 sp 0x7ffc5f171450 WRITE of size 1 at 0x7ffc5f1719bb thread T0 #0 0x7fe574adc5fd in osmo_store64be_ext ../../include/osmocom/core/bit64gen.h:75 #1 0x7fe574adc649 in osmo_store64be ../../include/osmocom/core/bit64gen.h:104 #2 0x7fe574ade936 in _kasumi_kgcore libosmocore/src/gsm/kasumi.c:186 #3 0x7fe574ae2532 in gea4 libosmocore/src/gsm/gea.c:44 #4 0x7fe574ae266c in gea3 libosmocore/src/gsm/gea.c:60 #5 0x7fe574a9b616 in gprs_cipher_run libosmocore/src/gsm/gprs_cipher_core.c:95 #6 0x56422d3fb2ee in test_gea libosmocore/tests/gea/gea_test.c:29 #7 0x56422d3fb506 in main libosmocore/tests/gea/gea_test.c:49 #8 0x7fe5730f406a in __libc_start_main (/usr/lib/libc.so.6+0x2306a) #9 0x56422d3fadf9 in _start (libosmocore/tests/gea/.libs/lt-gea_test+0x1df9) The kasumi_test is updated to calculate the entire array of bits according to expected result. Before this commit it worked by writing the entire last 64bit block, and addressSanitizer cannot catch it because the allocated buffer is 64bit aligned too. Change-Id: I7b2a0224a3b5527d5a3ad7e17efc73081b63eac1
2018-05-16tests: a5_test: Print wrong buffer correctly on errorPau Espin Pedrol1-1/+3
Before this patch, osmo_hexdump is called stacked in th esame printf function. As a result, the first returned buffer is overwriten by the second, which means the printed buffers will show as the same always. Change-Id: I364328a59da31537c6c9b969e34edd360b685081
2018-05-16tests: gea_test: Use correct max size for key in bufferPau Espin Pedrol1-2/+2
Expect key sizes for GEA are 64-128 bits. Change-Id: Iaf81992a2901733b630e3046b0c4bdc1fb9a8ace
2018-05-16tests: bitrev_test: Fix dynamic-stack-buffer-overflowPau Espin Pedrol2-4/+3
Fixes following AddressSanitizer report: ==1983==ERROR: AddressSanitizer: dynamic-stack-buffer-overflow on address 0x7ffc245f47e6 at pc 0x7f3e2deea68c bp 0x7ffc245f4750 sp 0x7ffc245f4740 WRITE of size 1 at 0x7ffc245f47e6 thread T0 #0 0x7f3e2deea68b in osmo_nibble_shift_right libosmocore/src/bits.c:92 #1 0x55c01902e1ab in sh_chk libosmocore/tests/bits/bitrev_test.c:215 #2 0x55c01902ed8f in main libosmocore/tests/bits/bitrev_test.c:305 #3 0x7f3e2c93006a in __libc_start_main (/usr/lib/libc.so.6+0x2306a) #4 0x55c01902c059 in _start (libosmocore/tests/bits/.libs/lt-bitrev_test+0x5059) This patch can be seen as a follow-up of commit 4fd6023b0383e7efa3b7b0211104a86ff5d3d4f6, which already fixed the left-shift case in the same way. Change-Id: I6e86d0164b7e982bf7b7449d5b3abfb3e1e5da46
2018-05-15fix spellingThorsten Alteholz2-4/+4
Change-Id: I3ac92217f83279d5f987ab34eb18b2e6cb1c7812
2018-05-15fsm: guard action callbackPhilipp Maier1-1/+3
The FSM allows to set individual action callback functions for each state but it does not allow to leave the action callback pointer unpopulated. However, there are cornercases where having no callback function is desirable. - Check if action callback is popolated before executing it. Change-Id: I36d221c973d3890721ef1d376fb9be82c4311378
2018-05-11isdnhdlc: Port from kernel to userspaceHarald Welte4-84/+75
* prefix all symbols/constants with osmo_ * use stdint.h types instead of kernel types * use Doxygen API documentation * use Osmocom CRC16-CCITT functions * use Osmocom bit-reversal functions * integrate with Automake Change-Id: I109085ab3e412c20b19cd42fb7137aa0e4167542
2018-05-11import isdn4linux HDLC code from linux kernelHarald Welte2-0/+712
I've been importing from 94d7dbf108813ea45a91e27e9a8bd231d5a23fa7 but the isdnhdlc code hasn't seen any changes since 2012 anyway. Change-Id: I3c58f9cb6921c2fdd0f2fcb11f622a0be88c7c63
2018-05-10Add osmo_timerfd_* functions for osmo_fd-wrapped timerfdHarald Welte3-1/+74
Linux offers file descriptor based periodic (interval) timers, which can achieve a higher precision than our userspace based timers and which can be slave'd to CLOCK_MONOTINIC or other clock sources. Let's add some code for osmo_fd wrapped versions that integrate well with our select() abstraction. The code has been used in osmo-bts-trx since June 2017 (change-id I51b19adde14ebb7ef3bb863d45e06243c323e22e), and I'm just renaming and moving it to libosmocore here. After a merge, the osmo-bts implementations can be removed in favor if this one. Change-Id: Ibeffba7c997252c003723bcd5d14122c4ded2fe7
2018-05-09lapdm: don't enforce contention resolution on SAPI0/DCCHHarald Welte1-5/+2
In Change-Id: I8c2c103cdc7f9a45d7b2080c572f559fc3db58e4 we introduced a check to enforce contention resolution always being used in MS-originated LAPDm establishment on the main DCCH / SAPI0. This is only required after RACH request (IMM.ASS.) and not after a normal assignment command which was sent already via a dedicated channel. Hence, we cannot enforce a strict requirement for contention resolution in those cases. We *could* use the RSL Channel Activation type as a constraint on whether or not to enforce contention-resoluiton-only LAPDm establishment, but this is out of the scope of the LAPDm code but would have to be done inside OsmoBTS. Related: OS#3252 Change-Id: Id903492ee90809fe98defcf4abc0419b8150069f
2018-05-08lapdm: send_rslms_rll_l3_ui(): Don't include B4/SACCH IE unless neededHarald Welte1-3/+5
The RSL_IE_MS_POWER / RSL_IE_TIMING_ADVANCE is how we communicate the SACCH L1 header values on the MS side between LAPDm and L3 (which is a non-standard use of RSL). However, those IEs only maek sense on the SACCH, where we have B4 frame format and where we actually have a L1 header containing related information. Let's make sure to skip those IEs on regular RLL UNIT DATA INDICATION happening on other channel types. Change-Id: I6f13e02192531479287f71de674d17ca2ceabdc6 Closes: OS#3249
2018-05-08lapdm: cleanup: send_rslms_rll_l3_ui(): Use msgb_tv_push()Harald Welte1-9/+5
This is a purely cosmetic clean-up to use the msgb_tv_push() API to pre-pend a Tag-Value IE to a msgb, rather than the existing open-coding approach. Change-Id: I19bbfa1e327a617685ed11d4182e533df33215cb
2018-05-08add gsm0808 channel enum to IE val conversion functionsNeels Hofmeyr3-0/+117
Add: - gsm0808_current_channel_type_1() - gsm0808_permitted_speech() - gsm0808_chosen_channel() - gsm0808_channel_type_name() gsm0808_permitted_speech() is moved from osmo-bsc's bssap_speech_from_lchan(); gsm0808_chosen_channel() is moved from osmo-bsc's lchan_to_chosen_channel(); Rationale: will be re-used by inter-BSC handover, makes sense to keep with the other gsm0808 utils. Related: OS#2283 (inter-BSC handover, BSC side) Change-Id: I8a3cc5d4548e9a78d945d54c69ccced251edcec9
2018-05-08lapdm: Implement SABM related constraintsHarald Welte1-0/+45
* MO SAPI0 establishment *must always* have L3 payload for contention resolution * SAPI3 establishment *must never* use contention resolution * MT establish must never use contention resolution Change-Id: I8c2c103cdc7f9a45d7b2080c572f559fc3db58e4 Closes: OS#2370
2018-05-07define a constant for the max length of called party BCD IEStefan Sperling1-0/+1
According to TS 24.008 10.5.4.7 the called party BSC number IE has a maximum length of 43 octets. This length is assumed inside osmo-hlr with a magic number: uint8_t msisdn_enc[43]; /* TODO use constant; TS 24.008 10.5.4.7 */ This change makes libosmocore provide a constant which osmo-hlr can use. Change-Id: Ia0bf6ceadcac38a8c75d166402b54058e5c6c6d4
2018-05-04lapdm: Fix back-pointer from lapdm_entity to lapdm_channelHarald Welte1-0/+2
It seems that during all those years it has never been noted that the back-pointer from the lapdm_entity to the lapdm_channel was never initialized. Let's fix that. Change-Id: Iaca66cd6a2c9f315561e365b51163927868fc346
2018-05-04configure: Check separately for lib implementing dlopen and dlsymPau Espin Pedrol3-6/+8
Sometimes the library probiding dlopen is not the same one providing dlsym. This is the case when compiling with AddressSanitizer enabled. In this case, AC_SEARCH_LIBS([dlopen]...) reports no lib is required, but tests using dlsym still require to link against -ldl. Change-Id: Ic619b0885688066b60c97caf1e2c7e5402c1d9f7
2018-05-04control_if: Avoid heap-use-after-free in osmo_wqueue_bfd_cbPau Espin Pedrol2-22/+25
Imagine following scenario: 1- client connects to CTRL iface, a new conn is created with POLL_READ enabled. 2- A non-related event happens which triggers a TRAP to be sent. As a result, the wqueue for the conn has now enabled POLL_WRITE, and message will be sent next time we go through osmo_main_select(). 3- At the same time, we receive the GET cmd from the CTRL client, which means POLL_READ event will be also triggered next time we call osmo_main_select(). 4- osmo_main_select triggers osmo_wqueue_bfd_cb with both READ/WRITE flags set. 5- The read_cb of wqueue is executed first. The handler closes the CTRL conn for some reason, freeing the osmo_fd struct and returns. 6- osmo_qeueue_bfd_cb keeps using the already freed osmo_fd and calls write_cb. So in step 6 we get a heap-use-after-free catched by AddressSanitizer: 20180424135406115 DLCTRL <0018> control_if.c:506 accept()ed new CTRL connection from (r=10.42.42.1:53910<->l=10.42.42.7:4249) 20180424135406116 DLCTRL <0018> control_cmd.c:378 Command: GET bts.0.oml-connection-state 20180424135406117 DLINP <0013> bts_ipaccess_nanobts.c:417 Identified BTS 1/0/0 20180424135406118 DNM <0005> abis_nm.c:1628 Get Attr (bts=0) 20180424135406118 DNM <0005> abis_nm.c:1628 Get Attr (bts=0) 20180424135406118 DCTRL <000e> osmo_bsc_ctrl.c:158 BTS connection (re)established, sending TRAP. 20180424135406119 DLCTRL <0018> control_if.c:173 close()d CTRL connection (r=10.42.42.1:53910<->l=10.42.42.7:4249) ================================================================= ==12301==ERROR: AddressSanitizer: heap-use-after-free on address 0x611000003e04 at pc 0x7f23091c3a2f bp 0x7ffc0cb73ff0 sp 0x7ffc0cb73fe8 READ of size 4 at 0x611000003e04 thread T0 #0 0x7f23091c3a2e in osmo_wqueue_bfd_cb /home/osmocom-build/jenkins/workspace/osmo-gsm-tester_build-osmo-bsc/libosmocore/src/write_queue.c:65 #1 0x7f23091ad5d8 in osmo_fd_disp_fds /home/osmocom-build/jenkins/workspace/osmo-gsm-tester_build-osmo-bsc/libosmocore/src/select.c:216 #2 0x7f23091ad5d8 in osmo_select_main /home/osmocom-build/jenkins/workspace/osmo-gsm-tester_build-osmo-bsc/libosmocore/src/select.c:256 #3 0x56538bdb7a26 in main /home/osmocom-build/jenkins/workspace/osmo-gsm-tester_build-osmo-bsc/osmo-bsc/src/osmo-bsc/osmo_bsc_main.c:532 #4 0x7f23077532e0 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x202e0) #5 0x56538bdb8999 in _start (/home/jenkins/workspace/osmo-gsm-tester_run-prod/trial-896/inst/osmo-bsc/bin/osmo-bsc+0x259999) Fixes: OS#3206 Change-Id: I84d10caaadcfa6bd46ba8756ca89aa0badcfd2e3
2018-05-03Bump version: 0.10.2.284-bc47-dirty → 0.11.00.11.0Pau Espin Pedrol10-16/+333
Remark: For libosmogb and libosmogsm, LIBVERSION was already bumped in c4fce1425e19d604c199c895e227dc2519110456. Change-Id: Ib4fa53a9bb9954ae48d0a610ba9a81dd8e8b4ef6
2018-05-03debian/changelog: Fix typo in maintainer e-mailPau Espin Pedrol1-4/+4
Change-Id: I74bef283090fd7601491c9fef9637f845853d032
2018-05-03debian: libosmoctrl: Use correct library version in pkg namePau Espin Pedrol2-3/+3
The number used in debian packaging is actually current-age, which is still 0 in this case after it was bumped a while ago. As a result, we had a libosmoctrl1_*.deb package installing a libosmoctrl.so.0 file. Fixes: OS#3175 Change-Id: I771f6c68570bc3b2bab68e1165c7284fd43e904d
2018-05-03osmo-release.sh: Allow user to add extra information to the release commitPau Espin Pedrol1-0/+1
Change-Id: Ie25d921dd27fb7653bd616cb2912330964108663
2018-05-03osmo-release.sh: Always generate entire commit changelogPau Espin Pedrol2-19/+13
Before this commit, for library projects (containing LIBVERSION in some Makefile), the entire commit list was not stored into the changelog, but only a few lines from TODO-RELEASE files. This is a bad approach for several reasons. First, because that file was only aimed at containing API/ABI breaks, and not the full relevant changeset (like bugfixes, new features, etc.). Second, because it relies on every developer making API/ABI changes to remember to store the change in there during commit break time. Let's instead always store the entire commit list in changelog, and let's use TODO-RELEASE only as a list of hints for the maintainer to help him evaluate how LIBVERSION needs to be bumped for each library. Other tools such as osmo-abi-check.git can be used to help with the process of decission too. Let's take the opportunity too to only commit stuff already added to the staging area, as it proved easier to manage from my personal experinece making latest releases. Change-Id: Ibf662173ce2b4ff3966e9ad5f56c65dfb13607ff
2018-05-02osmo-release.sh: Fix error condition no LIBVERSION modifiedPau Espin Pedrol1-5/+2
It turns out git status doesn't return an error code in any of the modified/unmodified cases. It's not clear anyway why we check TODO-RELEASE when we actually care about the file containing the LIBVERSION (non-)change. Change-Id: I2320d6ee29cd528e55c0609be1af350655123b85
2018-05-02osmo-release.sh: Exit with error if no description for new changelog entry ↵Pau Espin Pedrol1-0/+5
provided If no line is provided, then the xargs line doesn't call dch (due to -r param) and as a result no new version entry is created in the log, and the old one is updated. Change-Id: I17894f669e6d3d6d31203a4522dce7fa01da323f
2018-05-02osmo-release.sh: Remove temporary file TODO-RELEASE.entries after usePau Espin Pedrol1-0/+1
Change-Id: I1cac39093d43910c2f5b969f5287cf3678110f4e
2018-05-02gsm_utils: call gnutls_global_init() as constructorAlexander Couzens1-0/+19
gnutls_global_init must be called at least once for gnutls < 3.3.0. It doesn't hurt calling it twice, except a reference counter is increased. gnutls >= 3.3.0 will call it automatic. Fixes: OS#2986 Change-Id: I241b6ae5aa8df13dd78f04658cf0953e9561c9e2
2018-04-23gsm0808_test: silence deprecation: use gsm0808_create_layer3_2()Neels Hofmeyr1-1/+11
Change-Id: Ia0afecafa8862ffbe2af3c86e5552673f0935eb0
2018-04-23gsm0808_test: fix more missing inits (address sanitizer issues)Neels Hofmeyr1-59/+52
In recent Iaa20c59f624fbdc69a018cabd0f7e9c5a1389519 I fixed one missing init issue and didn't notice the N other similar ones right next to it. Also fix the remaining missing inits. Fixes: ../../../../src/libosmocore/src/gsm/gsm0808_utils.c:187:8: runtime error: load of value 13, which is not a valid value for type '_Bool' ../../../../src/libosmocore/src/gsm/gsm0808_utils.c:191:8: runtime error: load of value 119, which is not a valid value for type '_Bool' Related: OS#3148 Change-Id: Ie8a1a9b3132024135ca70390eae4d21c907b2edc
2018-04-23gsm_08_58.h: introduce RSL_IE_ERIC_PAGING_GROUPAlexander Couzens1-0/+1
Ericsson supports a RSL command to page and immediate assign as single command. For paging a MS the BTS must know the paging group. Change-Id: I9194500e307ad69f8da07510bc965a7a5cd82a2a
2018-04-21gsm_08_58.h: Add Ericsson vendor-specific RSL message typesPau Espin Pedrol1-0/+5
We are alredy doing the same way for ip.access and siemens ones, and this way we avoid using the hardcoded value in osmo-bsc. Change-Id: I7cb65f3ff1cfdbe4eee97b7545bcd13a38c72e25
2018-04-19RSL/LAPDm: Not all RLL message are "transparent"Harald Welte2-4/+21
3GPP TS 48.058 has a very clear definition of which messages are "transparent" and hence have the T-bit == 1. This is *not* just all RLL messages, but basically only RLL_DATA.{ind,req} and RLL_UNITDATA.{ind,req}. All other messages are non-transparent. Change-Id: I9f83654af189d818563d799bf623325b7fee8e70 Closes: OS#3188
2018-04-18osmo_sockaddr_is_local: Fix memleakPau Espin Pedrol1-1/+4
Catched by AddressSanitizer in osmo-bts-trx while running tests in osmo-gsm-tester: ==31738==ERROR: LeakSanitizer: detected memory leaks Direct leak of 5744 byte(s) in 1 object(s) allocated from: #0 0x7ff7ec789ed0 in calloc (/usr/lib/x86_64-linux-gnu/libasan.so.3+0xc1ed0) #1 0x7ff7e952697c (/lib/x86_64-linux-gnu/libc.so.6+0x10297c) #2 0x7ff7e95274df in getifaddrs (/lib/x86_64-linux-gnu/libc.so.6+0x1034df) #3 0x7ff7eadcdc8f in osmo_sockaddr_is_local libosmocore/src/socket.c:537 Change-Id: I778d3c1f162abce0595e62670c29c5134bccd28d
2018-04-18osmo_get_macaddr: Fix buffer read out of boundsPau Espin Pedrol1-2/+7
Catched by address sanitizer in osmo-bts-trx during osmo-gsm-tester test run. ==25503==ERROR: AddressSanitizer: global-buffer-overflow on address 0x55b4e8468780 at pc 0x7fd824f543ba bp 0x7fffc21009f0 sp 0x7fffc21009e8 READ of size 16 at 0x55b4e8468780 thread T0 #0 0x7fd824f543b9 in osmo_get_macaddr libosmocore/src/macaddr.c:132 #1 0x55b4e842df33 in abis_open osmo-bts/src/common/abis.c:256 #2 0x55b4e84286c9 in bts_main osmo-bts/src/common/main.c:342 #3 0x7fd8235ab2e0 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x202e0) #4 0x55b4e838e759 in _start (/home/jenkins/workspace/osmo-gsm-tester_run-prod/trial-807/inst/osmo-bts/bin/osmo-bts-trx+0xfc759) Change-Id: I3727ef339279c8eeb85908735467bfd0e02ca259
2018-04-18add gsm0808_cell_{id,id_list}_name() and friendsNeels Hofmeyr6-98/+216
Provide comprehensive API to obtain string representations of Cell Identifiers and -Lists. Change gsm0808_test.c to use the new functions (which simplifies the output a bit), so that we don't duplicate printing code in gsm0808_test.c, and so that the not-so-trivial printing code is also tested. In gsm0808_test, also test gsm0808_cell_id_list_name_buf()'s return value and truncation behavior. The rationale for gsm0808_cell_id_list_name(), i.e. printing an entire list of cell identifiers, is that even though the maximum is 127 elements, a list of more than a few elements is hardly ever expected in practice (even more than one element isn't actually expected: either "entire BSS" or a single LAC). It is thus useful to log the entire list when it shows up in Paging and Handover. Change-Id: I9b2106805422f96c5cc96ebb9178451355582df3
2018-04-18tlv: add TLV_GET() and TLV_GET_MINLEN()Neels Hofmeyr1-0/+21
Rationale: so far we use code like if (TLVP_PRESENT(&tp, VERY_LONG_ENUM_VALUE_NAME_THAT_NEVER_ENDS)) { val = TLVP_VAL(&tp, VERY_LONG_ENUM_VALUE_NAME_THAT_NEVER_ENDS); len = TLVP_LEN(&tp, VERY_L0NG_ENUM_VALUE_NAME_TH4T_NEVER_EMDS); } This is a) very long and b) prone to picking the wrong name one of the three times, which would use the wrong length or val without necessarily being noticed. A safer and shorter, more readable pattern is: struct tlv_p_entry *e = TVLP_GET(&tp, VERY_LONG_ENUM_VALUE_NAME_THAT_NEVER_ENDS); if (!e) return -ENOENT; hexdump(e->val, e->len); Change-Id: I445de17fc2daa3ab051f5708dd0cc185b23dc048
2018-04-17gsm/gsm48.c: add call independent SS message namesVadim Yanitskiy1-0/+12
Change-Id: I697639d8469e5dda617b27995c4a92e1f0c0bead
2018-04-17protocol/gsm_04_08.h: drop incorrect GSM48_PDISC_USSDVadim Yanitskiy2-2/+0
According to the GSM TS 04.07, section 11.2.3.1.1 "Protocol discriminator", bits 1 to 4 of the first octet of a standard L3 message contain the protocol discriminator IE. Meanwhile, the GSM48_PDISC_USSD represents value 0x11, i.e. 0b10001, that requires 5 bits, and moreover it is not documented anywhere. Let's drop it. Change-Id: Ic4eb8a6db4ff1dfd535bd0c84e7acf1908422f64
2018-04-17prevent integer underflow in ipa_ccm_make_id_resp_from_req()Harald Welte1-1/+6
don't blindly trust the tag-length value in an IPA CCM ID GET message. This could result in a remotely-triggered integer underflow. Change-Id: I4723361e1094b358310541a7dc4c5c921c778a15
2018-04-16cosmetic: log: fix typo, clarify msg for rate_ctr name manglingNeels Hofmeyr1-2/+3
Change-Id: I9a04d501698f8a3360ef9dcbf04b57c5ac10e63b
2018-04-15test_gsm0808_enc_dec_speech_codec_with_cfg: initialize properlyNeels Hofmeyr1-7/+7
The uninitialized members of enc_sc sporadically hit address sanitizer failure during gsm0808_test, like: ../../../../src/libosmocore/src/gsm/gsm0808_utils.c:187:8: runtime error: load of value 13, which is not a valid value for type '_Bool' ../../../../src/libosmocore/src/gsm/gsm0808_utils.c:191:8: runtime error: load of value 119, which is not a valid value for type '_Bool' How the test survived so long is a mystery to me; as soon as some uninitialized members would by coincidence not be zero, the test should always have failed at OSMO_ASSERT(memcmp(&enc_sc, &dec_sc, sizeof(enc_sc)) == 0). Related: OS#3148 Change-Id: Iaa20c59f624fbdc69a018cabd0f7e9c5a1389519
2018-04-13test_gsm0808_enc_dec_cell_id_list_lac(): populate all LACsNeels Hofmeyr2-4/+4
Change-Id: I7535166a2827c03a954fe72d5d99217e4f25868f