From bb7ea617253a62cce0158ccd0749eacfacc6e662 Mon Sep 17 00:00:00 2001 From: Neels Hofmeyr Date: Wed, 11 Jul 2018 04:26:34 +0200 Subject: fix handover start: dealloc ho if event not permitted Before this, a handover request in a conn state that disallows it would leave a lingering handover state in the conn, also thwarting any future handover attempts. (It would be deallocated on conn teardown, so no memleak.) Change-Id: I839a05495ae93c5dbbd1616efa2469e5b1990a61 --- src/osmo-bsc/handover_logic.c | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/src/osmo-bsc/handover_logic.c b/src/osmo-bsc/handover_logic.c index 960bf6993..064615cbc 100644 --- a/src/osmo-bsc/handover_logic.c +++ b/src/osmo-bsc/handover_logic.c @@ -82,6 +82,7 @@ static struct bsc_handover *bsc_ho_by_old_lchan(struct gsm_lchan *old_lchan) int bsc_handover_start(enum hodec_id from_hodec_id, struct gsm_lchan *old_lchan, struct gsm_bts *new_bts, enum gsm_chan_t new_lchan_type) { + int rc; struct gsm_subscriber_connection *conn; struct bsc_handover *ho; static uint8_t ho_ref = 0; @@ -132,7 +133,14 @@ int bsc_handover_start(enum hodec_id from_hodec_id, struct gsm_lchan *old_lchan, gsm_lchant_name(new_lchan_type), do_assignment ? "Assignment" : "Handover"); - return osmo_fsm_inst_dispatch(conn->fi, GSCON_EV_HO_START, NULL); + rc = osmo_fsm_inst_dispatch(conn->fi, GSCON_EV_HO_START, NULL); + + if (rc < 0) { + LOGPHO(ho, LOGL_ERROR, "Failed to trigger handover, conn state does not allow it\n"); + conn->ho = NULL; + talloc_free(ho); + } + return rc; } /*! Start actual handover. Call bsc_handover_start() instead; The only legal caller is the GSCON FSM in -- cgit v1.2.3