From 9329e6fb490960359d9b93d08585441d86f44b81 Mon Sep 17 00:00:00 2001
From: Neels Hofmeyr <nhofmeyr@sysmocom.de>
Date: Fri, 3 Jun 2016 00:44:23 +0200
Subject: gprs_gmm.c: don't transmit NOTEXIST when mmctx is NULL

Add missing mmctx NULL check in gsm0408_rcv_gmm(). gsm48_tx_gmm_status() would
dereference mmctx without checking, so we can't call it if mmctx == NULL.

Follows up on recent e98ba82d2b07c835:
"gprs_gmm.c: Don't try to de-reference NULL mmctx".

Change-Id: If59efbde86c76ffe91a0b33be87273783a2a4a02
---
 openbsc/src/gprs/gprs_gmm.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/openbsc/src/gprs/gprs_gmm.c b/openbsc/src/gprs/gprs_gmm.c
index 68ba32680..5848a63f5 100644
--- a/openbsc/src/gprs/gprs_gmm.c
+++ b/openbsc/src/gprs/gprs_gmm.c
@@ -1464,7 +1464,10 @@ static int gsm0408_rcv_gmm(struct sgsn_mm_ctx *mmctx, struct msgb *msg,
 	default:
 		LOGMMCTXP(LOGL_NOTICE, mmctx, "Unknown GSM 04.08 GMM msg type 0x%02x\n",
 			gh->msg_type);
-		rc = gsm48_tx_gmm_status(mmctx, GMM_CAUSE_MSGT_NOTEXIST_NOTIMPL);
+		if (mmctx)
+			rc = gsm48_tx_gmm_status(mmctx, GMM_CAUSE_MSGT_NOTEXIST_NOTIMPL);
+		else
+			rc = -EINVAL;
 		break;
 	}
 
-- 
cgit v1.2.3