IuPS: properly update ra_id on GMM Attach Request
For new MM contexts, the ra_id was correctly obtained from the ue_ctx, but in
case an MM ctx is re-used and the ra_id changed, the new ra_id was not copied
to the MM context; instead, the ra_id was overwritten with uninitialized data.
Always initialize the local ra_id variable from the ue_ctx->ra_id for Iu
connections; it is used further below to update the ctx->ra_id.
For the case of a brand new Iu MM ctx, the ctx->ra_id then gets initialized a
second time. We could technically drop the init in sgsn_mm_ctx_alloc_iu(), but
it doesn't hurt either way.
Fixes: CID#57936
Change-Id: Ia06458758362e76925690b1757d8ced95e9609e4
diff --git a/openbsc/src/gprs/gprs_gmm.c b/openbsc/src/gprs/gprs_gmm.c
index 1fc2784..363b457 100644
--- a/openbsc/src/gprs/gprs_gmm.c
+++ b/openbsc/src/gprs/gprs_gmm.c
@@ -65,10 +65,7 @@
#include <openbsc/gprs_utils.h>
#include <openbsc/sgsn.h>
#include <openbsc/signal.h>
-
-#ifdef BUILD_IU
#include <openbsc/iu.h>
-#endif
#include <pdp.h>
@@ -1076,7 +1073,8 @@
if (!msg->dst) {
/* Gb mode */
cid = bssgp_parse_cell_id(&ra_id, msgb_bcid(msg));
- }
+ } else
+ ra_id = ((struct ue_conn_ctx*)msg->dst)->ra_id;
/* MS network capability 10.5.5.12 */
msnc_len = *cur++;