Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
O
OpenXG-RAN
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Analytics
Analytics
CI / CD
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
ZhouShuya
OpenXG-RAN
Commits
59623646
Commit
59623646
authored
Feb 22, 2018
by
Masayuki HARADA
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Avoid NULL access in rrc_eNB_process_RRCConnectionReestablishmentComplete.
parent
de35844c
Changes
1
Show whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
49 additions
and
35 deletions
+49
-35
openair2/RRC/LITE/rrc_eNB.c
openair2/RRC/LITE/rrc_eNB.c
+49
-35
No files found.
openair2/RRC/LITE/rrc_eNB.c
View file @
59623646
...
...
@@ -1371,8 +1371,10 @@ rrc_eNB_process_RRCConnectionReestablishmentComplete(
SRB_configList2
=
&
ue_context_pP
->
ue_context
.
SRB_configList2
[
xid
];
// get old configuration of SRB2
if
(
*
SRB_configList2
!=
NULL
)
{
if
((
*
SRB_configList2
)
->
list
.
count
!=
0
){
LOG_D
(
RRC
,
"SRB_configList2(%p) count is %d
\n
SRB_configList2->list.array[0] addr is %p"
,
SRB_configList2
,
(
*
SRB_configList2
)
->
list
.
count
,
(
*
SRB_configList2
)
->
list
.
array
[
0
]);
}
for
(
i
=
0
;
(
i
<
(
*
SRB_configList2
)
->
list
.
count
)
&&
(
i
<
3
);
i
++
)
{
if
((
*
SRB_configList2
)
->
list
.
array
[
i
]
->
srb_Identity
==
2
){
LOG_D
(
RRC
,
"get SRB2_config from (ue_context_pP->ue_context.SRB_configList2[%d])
\n
"
,
xid
);
...
...
@@ -1384,10 +1386,14 @@ rrc_eNB_process_RRCConnectionReestablishmentComplete(
SRB_configList2
=
&
ue_context_pP
->
ue_context
.
SRB_configList2
[
next_xid
];
DRB_configList2
=
&
ue_context_pP
->
ue_context
.
DRB_configList2
[
next_xid
];
if
(
SRB_configList2
!=
NULL
){
if
(
*
SRB_configList2
)
{
free
(
*
SRB_configList2
);
LOG_D
(
RRC
,
"free(ue_context_pP->ue_context.SRB_configList2[%d])
\n
"
,
next_xid
);
}
}
else
{
LOG_E
(
RRC
,
"SRB_configList2 is null
\n
"
);
}
*
SRB_configList2
=
CALLOC
(
1
,
sizeof
(
**
SRB_configList2
));
if
(
SRB2_config
!=
NULL
)
{
// Add SRB2 to SRB configuration list
...
...
@@ -1406,10 +1412,14 @@ rrc_eNB_process_RRCConnectionReestablishmentComplete(
if
(
DRB_configList2
!=
NULL
){
if
(
*
DRB_configList2
)
{
free
(
*
DRB_configList2
);
LOG_D
(
RRC
,
"free(ue_context_pP->ue_context.DRB_configList2[%d])
\n
"
,
next_xid
);
}
}
else
{
LOG_E
(
RRC
,
"DRB_configList2 is null
\n
"
);
}
*
DRB_configList2
=
CALLOC
(
1
,
sizeof
(
**
DRB_configList2
));
if
(
DRB_configList
!=
NULL
)
{
...
...
@@ -1863,7 +1873,11 @@ rrc_eNB_process_RRCConnectionReestablishmentComplete(
}
#endif
if
(
size
==
65535
){
LOG_E
(
RRC
,
"RRC decode err!!! do_RRCConnectionReconfiguration
\n
"
);
put_UE_in_freelist
(
ctxt_pP
->
module_id
,
reestablish_rnti
,
0
);
return
;
}
else
{
LOG_I
(
RRC
,
"[eNB %d] Frame %d, Logical Channel DL-DCCH, Generate RRCConnectionReconfiguration (bytes %d, UE id %x)
\n
"
,
ctxt_pP
->
module_id
,
ctxt_pP
->
frame
,
size
,
ue_context_pP
->
ue_context
.
rnti
);
...
...
@@ -1891,7 +1905,7 @@ rrc_eNB_process_RRCConnectionReestablishmentComplete(
size
,
buffer
,
PDCP_TRANSMISSION_MODE_CONTROL
);
}
// delete UE data of prior RNTI. UE use current RNTI.
// protocol_ctxt_t ctxt_prior = *ctxt_pP;
// ctxt_prior.rnti = reestablish_rnti;
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment
