Gitiles
Code Review Sign In
gerrit.osmocom.org / libosmo-abis / deb5c4f7ab24a2fa19200bb117b24b4382cb45f1
commitdeb5c4f7ab24a2fa19200bb117b24b4382cb45f1[log] [tgz]
authorPau Espin Pedrol <pespin@sysmocom.de>Fri Jul 31 12:55:01 2020 +0200
committerPau Espin Pedrol <pespin@sysmocom.de>Fri Jul 31 13:03:43 2020 +0200
tree25fa751f23e8f7929bd78433edd7ba558934d56a
parent8fc8ceff16aa1fdd3b0b6bdcc7659ad7ba7ad591 [diff]
ipaccess: Fix use-after-free in ipaccess_drop()

Recent commit b8ea0ff521a3e01c22a9dd1948b9a853521f575e introduced a
heap-use-after-free while getting rid of memleaks and clearing up the
reference counting lifecycle of the line object.

In that commit, e1inp_line_put2() was added in ipaccess_drop() which may
potentially free the line object (and its children e1inp_ts objects)
under specific conditions/scenarions. However, the function still used
the child object e1i_ts which in those scenarios would access already
freed memory.

Let's keep a local reference during the life of the function to make
sure the object is non-freed during e1inp_line_put2(), so that we can
notify upper layers that the link is down.

Detected by enabling ASan and running BSC_Tests.TC_chopped_ipa_ping
TTCN3 test.

Related: OS#4688
Change-Id: I4f56af28ad8297846bcdc8ba7afe51fff0f9a00f
1 file changed
tree: 25fa751f23e8f7929bd78433edd7ba558934d56a
  1. contrib/
  2. debian/
  3. include/
  4. m4/
  5. src/
  6. tests/
  7. .gitignore
  8. .gitreview
  9. AUTHORS
  10. configure.ac
  11. COPYING
  12. git-version-gen
  13. libosmoabis.pc.in
  14. libosmotrau.pc.in
  15. Makefile.am
  16. README.md
  17. TODO-RELEASE
README.md

libosmo-abis - Osmocom Abis interface library

This repository contains a set of C-language libraries that form the A-bis interface library of Osmocom Open Source Mobile Communications projects such as OpenBSC / OsmoBSC.

Historically, a lot of this code was developed as part of the OpenBSC project, but which are of a more generic nature and thus useful to (at least) other programs that we develop in the sphere of Free Software / Open Source mobile communications.

The libosmo-abis.git repository build multiple libraries:

  • libosmoabis contains some abstraction layer over E1/T1 and IP based ETSI/3GPP A-bis interface. It can use mISDN and DAHDI as underlying driver/hardware.
  • libosmotrau contains routines related to A-bis TRAU frame handling

Homepage

The official homepage of the project is https://osmocom.org/projects/libosmo-abis

GIT Repository

You can clone from the official libosmo-abis.git repository using

git clone git://git.osmocom.org/libosmo-abis.git

There is a cgit interface at http://git.osmocom.org/libosmo-abis/

Documentation

There is no Doxygen-generated API documentation yet for this library. It would be great to some day have it, comparable to libosmocore.

Mailing List

Discussions related to libosmo-abis are happening on the openbsc@lists.osmocom.org mailing list, please see https://lists.osmocom.org/mailman/listinfo/openbsc for subscription options and the list archive.

Please observe the Osmocom Mailing List Rules when posting.

Contributing

Our coding standards are described at https://osmocom.org/projects/cellular-infrastructure/wiki/Coding_standards

We us a gerrit based patch submission/review process for managing contributions. Please see https://osmocom.org/projects/cellular-infrastructure/wiki/Gerrit for more details

The current patch queue for libosmo-abis can be seen at https://gerrit.osmocom.org/#/q/project:libosmo-abis+status:open