Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
O
OpenXG-RAN
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Operations
Operations
Metrics
Environments
Analytics
Analytics
CI / CD
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
OpenXG
OpenXG-RAN
Commits
59b69e24
Commit
59b69e24
authored
Jan 30, 2024
by
Robert Schmidt
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
correctly free NAS pdus: avoid possible double-frees
parent
f81ec9c2
Changes
1
Show whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
15 additions
and
24 deletions
+15
-24
openair2/RRC/NR/rrc_gNB.c
openair2/RRC/NR/rrc_gNB.c
+15
-24
No files found.
openair2/RRC/NR/rrc_gNB.c
View file @
59b69e24
...
@@ -121,6 +121,14 @@ mui_t rrc_gNB_mui = 0;
...
@@ -121,6 +121,14 @@ mui_t rrc_gNB_mui = 0;
///---------------------------------------------------------------------------------------------------------------///
///---------------------------------------------------------------------------------------------------------------///
///---------------------------------------------------------------------------------------------------------------///
///---------------------------------------------------------------------------------------------------------------///
static
void
clear_nas_pdu
(
ngap_pdu_t
*
pdu
)
{
DevAssert
(
pdu
!=
NULL
);
free
(
pdu
->
buffer
);
// does nothing if NULL
pdu
->
buffer
=
NULL
;
pdu
->
length
=
0
;
}
static
void
freeDRBlist
(
NR_DRB_ToAddModList_t
*
list
)
static
void
freeDRBlist
(
NR_DRB_ToAddModList_t
*
list
)
{
{
//ASN_STRUCT_FREE(asn_DEF_NR_DRB_ToAddModList, list);
//ASN_STRUCT_FREE(asn_DEF_NR_DRB_ToAddModList, list);
...
@@ -563,18 +571,13 @@ static void rrc_gNB_generate_defaultRRCReconfiguration(const protocol_ctxt_t *co
...
@@ -563,18 +571,13 @@ static void rrc_gNB_generate_defaultRRCReconfiguration(const protocol_ctxt_t *co
xer_fprint
(
stdout
,
&
asn_DEF_NR_CellGroupConfig
,
ue_p
->
masterCellGroup
);
xer_fprint
(
stdout
,
&
asn_DEF_NR_CellGroupConfig
,
ue_p
->
masterCellGroup
);
}
}
// suspicious if it is always malloced before ?
clear_nas_pdu
(
&
ue_p
->
nas_pdu
);
free
(
ue_p
->
nas_pdu
.
buffer
);
LOG_DUMPMSG
(
NR_RRC
,
DEBUG_RRC
,(
char
*
)
buffer
,
size
,
"[MSG] RRC Reconfiguration
\n
"
);
LOG_DUMPMSG
(
NR_RRC
,
DEBUG_RRC
,(
char
*
)
buffer
,
size
,
"[MSG] RRC Reconfiguration
\n
"
);
/* Free all NAS PDUs */
/* Free all NAS PDUs */
for
(
int
i
=
0
;
i
<
ue_p
->
nb_of_pdusessions
;
i
++
)
{
for
(
int
i
=
0
;
i
<
ue_p
->
nb_of_pdusessions
;
i
++
)
if
(
ue_p
->
pduSession
[
i
].
param
.
nas_pdu
.
buffer
!=
NULL
)
{
clear_nas_pdu
(
&
ue_p
->
pduSession
[
i
].
param
.
nas_pdu
);
free
(
ue_p
->
pduSession
[
i
].
param
.
nas_pdu
.
buffer
);
ue_p
->
pduSession
[
i
].
param
.
nas_pdu
.
buffer
=
NULL
;
}
}
LOG_I
(
NR_RRC
,
"[gNB %d] Frame %d, Logical Channel DL-DCCH, Generate NR_RRCReconfiguration (bytes %d, UE id %x)
\n
"
,
LOG_I
(
NR_RRC
,
"[gNB %d] Frame %d, Logical Channel DL-DCCH, Generate NR_RRCReconfiguration (bytes %d, UE id %x)
\n
"
,
ctxt_pP
->
module_id
,
ctxt_pP
->
module_id
,
...
@@ -625,13 +628,8 @@ void rrc_gNB_generate_dedicatedRRCReconfiguration(const protocol_ctxt_t *const c
...
@@ -625,13 +628,8 @@ void rrc_gNB_generate_dedicatedRRCReconfiguration(const protocol_ctxt_t *const c
}
}
/* Free all NAS PDUs */
/* Free all NAS PDUs */
for
(
int
i
=
0
;
i
<
ue_p
->
nb_of_pdusessions
;
i
++
)
{
for
(
int
i
=
0
;
i
<
ue_p
->
nb_of_pdusessions
;
i
++
)
if
(
ue_p
->
pduSession
[
i
].
param
.
nas_pdu
.
buffer
!=
NULL
)
{
clear_nas_pdu
(
&
ue_p
->
pduSession
[
i
].
param
.
nas_pdu
);
/* Free the NAS PDU buffer and invalidate it */
free
(
ue_p
->
pduSession
[
i
].
param
.
nas_pdu
.
buffer
);
ue_p
->
pduSession
[
i
].
param
.
nas_pdu
.
buffer
=
NULL
;
}
}
NR_CellGroupConfig_t
*
cellGroupConfig
=
ue_p
->
masterCellGroup
;
NR_CellGroupConfig_t
*
cellGroupConfig
=
ue_p
->
masterCellGroup
;
...
@@ -755,8 +753,6 @@ rrc_gNB_modify_dedicatedRRCReconfiguration(
...
@@ -755,8 +753,6 @@ rrc_gNB_modify_dedicatedRRCReconfiguration(
asn1cSequenceAdd
(
dedicatedNAS_MessageList
->
list
,
NR_DedicatedNAS_Message_t
,
dedicatedNAS_Message
);
asn1cSequenceAdd
(
dedicatedNAS_MessageList
->
list
,
NR_DedicatedNAS_Message_t
,
dedicatedNAS_Message
);
OCTET_STRING_fromBuf
(
dedicatedNAS_Message
,
(
char
*
)
ue_p
->
pduSession
[
i
].
param
.
nas_pdu
.
buffer
,
ue_p
->
pduSession
[
i
].
param
.
nas_pdu
.
length
);
OCTET_STRING_fromBuf
(
dedicatedNAS_Message
,
(
char
*
)
ue_p
->
pduSession
[
i
].
param
.
nas_pdu
.
buffer
,
ue_p
->
pduSession
[
i
].
param
.
nas_pdu
.
length
);
LOG_I
(
NR_RRC
,
"add NAS info with size %d (pdusession id %d)
\n
"
,
ue_p
->
pduSession
[
i
].
param
.
nas_pdu
.
length
,
ue_p
->
pduSession
[
i
].
param
.
pdusession_id
);
LOG_I
(
NR_RRC
,
"add NAS info with size %d (pdusession id %d)
\n
"
,
ue_p
->
pduSession
[
i
].
param
.
nas_pdu
.
length
,
ue_p
->
pduSession
[
i
].
param
.
pdusession_id
);
}
else
{
LOG_W
(
NR_RRC
,
"no NAS info (pdusession id %d)
\n
"
,
ue_p
->
pduSession
[
i
].
param
.
pdusession_id
);
}
}
}
}
...
@@ -783,13 +779,8 @@ rrc_gNB_modify_dedicatedRRCReconfiguration(
...
@@ -783,13 +779,8 @@ rrc_gNB_modify_dedicatedRRCReconfiguration(
freeDRBlist
(
DRBs
);
freeDRBlist
(
DRBs
);
/* Free all NAS PDUs */
/* Free all NAS PDUs */
for
(
int
i
=
0
;
i
<
ue_p
->
nb_of_pdusessions
;
i
++
)
{
for
(
int
i
=
0
;
i
<
ue_p
->
nb_of_pdusessions
;
i
++
)
if
(
ue_p
->
pduSession
[
i
].
param
.
nas_pdu
.
buffer
!=
NULL
)
{
clear_nas_pdu
(
&
ue_p
->
pduSession
[
i
].
param
.
nas_pdu
);
/* Free the NAS PDU buffer and invalidate it */
free
(
ue_p
->
pduSession
[
i
].
param
.
nas_pdu
.
buffer
);
ue_p
->
pduSession
[
i
].
param
.
nas_pdu
.
buffer
=
NULL
;
}
}
LOG_I
(
NR_RRC
,
"[gNB %d] Frame %d, Logical Channel DL-DCCH, Generate RRCReconfiguration (bytes %d, UE RNTI %x)
\n
"
,
ctxt_pP
->
module_id
,
ctxt_pP
->
frame
,
size
,
ue_p
->
rnti
);
LOG_I
(
NR_RRC
,
"[gNB %d] Frame %d, Logical Channel DL-DCCH, Generate RRCReconfiguration (bytes %d, UE RNTI %x)
\n
"
,
ctxt_pP
->
module_id
,
ctxt_pP
->
frame
,
size
,
ue_p
->
rnti
);
LOG_D
(
NR_RRC
,
LOG_D
(
NR_RRC
,
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment