Gitiles
Code Review Sign In
gerrit.osmocom.org / osmo-msc / 80620d2d7c7e3e32a9d9c498d1788eb3495b1bc9
commit80620d2d7c7e3e32a9d9c498d1788eb3495b1bc9[log] [tgz]
authorHarald Welte <laforge@gnumonks.org>Sat Feb 10 10:24:15 2018 +0100
committerHarald Welte <laforge@gnumonks.org>Sat Feb 10 10:24:15 2018 +0100
treefbf4e700d7fac7ae59a0f95e4140746621ba03e3
parent69c54a8b3c4ec16b832474350ca4d1ef7ffb86d4 [diff]
a_iface: Fix heap-use-after-free in a_clear_all()

We cannot use conn->a.conn_id after conn has been free'd inside
msc_clear_request().  Let's store conn_id before that call to
ensure we avoid an use-after-free situation.

A more elegant (but more intrusive) solution would be to
move the SCCP connection clearing into the FSM itself.

Change-Id: Ibe41aa503e9f7cbeb05dce4b1a20b3eac85e619f
Closes: OS#2922
1 file changed
tree: fbf4e700d7fac7ae59a0f95e4140746621ba03e3
  1. contrib/
  2. debian/
  3. doc/
  4. include/
  5. m4/
  6. src/
  7. tests/
  8. .gitignore
  9. .gitreview
  10. .mailmap
  11. AUTHORS
  12. configure.ac
  13. COPYING
  14. git-version-gen
  15. Makefile.am
  16. osmoappdesc.py
  17. README
  18. README.vty-tests