Gitiles
Code Review Sign In
gerrit.osmocom.org / libosmocore / cd325efae564384c74b4af6163303ddc81c7a3c1
commitcd325efae564384c74b4af6163303ddc81c7a3c1[log] [tgz]
authorNeels Hofmeyr <neels@hofmeyr.de>Thu Nov 16 22:32:36 2017 +0100
committerNeels Hofmeyr <neels@hofmeyr.de>Mon Nov 20 17:22:42 2017 +0100
tree91fd7a58c09d257546f188e8d9ce43933551adc2
parent0128c78ffe25196f53fbbc0884a9c4587f493224 [diff]
gprs_bssgp: bssgp_fc_in(): fix mem leak on queue overflow

All successful and all error code paths of bssgp_fc_in() free the msgb, except
the code path calling fc_enqueue() when the msg is dropped (due to queue being
full, or failure to allocate).

Callers could theoretically catch the -ENOSPC return value and discard the
msgb. However, in other code paths, a callback's return value is returned,
which is expected to free the msgb, so such callback would have to never return
-ENOSPC when it freed the msgb. Much simpler semantics would be to free the
msgb in every code path, no matter which kind of error occurred.

Who is currently calling bssgp_fc_in and how do they handle the return value?
- bssgp_fc_test.c ignores the return value (and hits a mem leak aka sanitizer
  build failure if the queue is full).
- fc_timer_cb() ignores the return value.
- bssgp_tx_dl_ud() returns the bssgp_fc_in() rc.
  - which is returned by a cascade of functions leading up to being returned,
    for example, by gprs_llgmm_reset(), which is usually called with ignored
    return code.
At this point it is already fairly clear that bssgp_fc_in() should always free
the msgb, since the callers don't seem to distinguish even between error or
success, let alone between -ENOSPC or other errors.

bssgp_fc_test: assert that no msgbs remain unfreed after the tests.
Adjust expected results.

Helps fix sanitizer build on debian 9.

Change-Id: I00c62a104baeaad6a85883c380259c469aebf0df
3 files changed
tree: 91fd7a58c09d257546f188e8d9ce43933551adc2
  1. contrib/
  2. debian/
  3. doc/
  4. include/
  5. m4/
  6. src/
  7. tests/
  8. utils/
  9. .gitignore
  10. .gitreview
  11. .mailmap
  12. configure.ac
  13. COPYING
  14. Doxyfile.codec.in
  15. Doxyfile.coding.in
  16. Doxyfile.core.in
  17. Doxyfile.gb.in
  18. Doxyfile.gsm.in
  19. Doxyfile.vty.in
  20. git-version-gen
  21. libosmocodec.pc.in
  22. libosmocoding.pc.in
  23. libosmocore.pc.in
  24. libosmoctrl.pc.in
  25. libosmogb.pc.in
  26. libosmogsm.pc.in
  27. libosmosim.pc.in
  28. libosmovty.pc.in
  29. Makefile.am
  30. osmo-release.mk
  31. osmo-release.sh
  32. README.md
  33. TODO-RELEASE
README.md

libosmocore - set of Osmocom core libraries

This repository contains a set of C-language libraries that form the core infrastructure of many Osmocom Open Source Mobile Communications projects.

Historically, a lot of this code was developed as part of the OpenBSC project, but which are of a more generic nature and thus useful to (at least) other programs that we develop in the sphere of Free Software / Open Source mobile communications.

There is no clear scope of it. We simply move all shared code between the various Osmocom projects in this library to avoid code duplication.

The libosmcoore.git repository build multiple libraries:

  • libosmocore contains some general-purpose functions like select-loop abstraction, message buffers, timers, linked lists
  • libosmovty contains routines related to the interactive command-line interface called VTY
  • libosmogsm contains definitions and helper code related to GSM protocols
  • libosmoctrl contains a shared implementation of the Osmocom control interface
  • libosmogb contains an implementation of the Gb interface with its NS/BSSGP protocols
  • libosmocodec contains an implementation of GSM voice codecs
  • libosmocoding contains an implementation of GSM channel coding
  • libosmosim contains infrastructure to interface SIM/UICC/USIM cards
  • libosmotrau contains encoding/decoding functions for A-bis TRAU frames

Homepage

The official homepage of the project is https://osmocom.org/projects/libosmocore/wiki/Libosmocore

GIT Repository

You can clone from the official libosmocore.git repository using

git clone git://git.osmocom.org/libosmocore.git

There is a cgit interface at http://git.osmocom.org/libosmocore/

Documentation

Doxygen-generated API documentation is generated during the build process, but also available online for each of the sub-libraries at http://ftp.osmocom.org/api/latest/libosmocore/

Mailing List

Discussions related to libosmocore are happening on the openbsc@lists.osmocom.org mailing list, please see https://lists.osmocom.org/mailman/listinfo/openbsc for subscription options and the list archive.

Please observe the Osmocom Mailing List Rules when posting.

Contributing

Our coding standards are described at https://osmocom.org/projects/cellular-infrastructure/wiki/Coding_standards

We us a gerrit based patch submission/review process for managing contributions. Please see https://osmocom.org/projects/cellular-infrastructure/wiki/Gerrit for more details

The current patch queue for libosmocore can be seen at https://gerrit.osmocom.org/#/q/project:libosmocore+status:open