Gitiles
Code Review Sign In
gerrit.osmocom.org / osmo-sgsn / 881064e9b81de4aee7a9cdd52184860260f8723c^! / . / openbsc / tests
commit881064e9b81de4aee7a9cdd52184860260f8723c[log] [tgz]
authorMax <msuraev@sysmocom.de>Wed Dec 14 14:51:40 2016 +0100
committerHarald Welte <laforge@gnumonks.org>Mon Jan 23 12:32:00 2017 +0000
tree8c6655af403554274bd7a0486e888deda6329303
parent47e178190744e65079a821f40148eebcaa92bf76 [diff]
Prevent segfault in range encoding

* Explicitly check when ARFCN array split is impossible and return
  gracefully instead of using negative index.
* Separate range encoding into generic function and use it for all
  SI-related things.
* Propagate the error into that function and to its callers.
* Add separate test-case for the segfault previously triggered by this bug.

Change-Id: I3e049ab2d7c1c4d6c791b148f37e10636a8e43e0
Related: RT#7379

diff --git a/openbsc/tests/gsm0408/gsm0408_test.c b/openbsc/tests/gsm0408/gsm0408_test.c
index ae8cbdd..472c2ae 100644
--- a/openbsc/tests/gsm0408/gsm0408_test.c
+++ b/openbsc/tests/gsm0408/gsm0408_test.c

@@ -120,6 +120,21 @@
 		gen(bts);
 }
 
+static inline void test_si2q_segfault(void)
+{
+	struct gsm_bts *bts;
+	struct gsm_network *network = bsc_network_init(tall_bsc_ctx, 1, 1, NULL);
+	printf("Test SI2quater UARFCN (same scrambling code and diversity):\n");
+
+	if (!network)
+		exit(1);
+	bts = gsm_bts_alloc(network);
+
+	_bts_uarfcn_add(bts, 10564, 319, 0);
+	_bts_uarfcn_add(bts, 10612, 319, 0);
+	gen(bts);
+}
+
 static inline void test_si2q_u(void)
 {
 	struct gsm_bts *bts;
@@ -590,6 +605,7 @@
 	test_range_encoding();
 	test_gsm411_rp_ref_wrap();
 
+	test_si2q_segfault();
 	test_si2q_e();
 	test_si2q_u();
 	printf("Done.\n");

diff --git a/openbsc/tests/gsm0408/gsm0408_test.ok b/openbsc/tests/gsm0408/gsm0408_test.ok
index ebe9476..1118dd9 100644
--- a/openbsc/tests/gsm0408/gsm0408_test.ok
+++ b/openbsc/tests/gsm0408/gsm0408_test.ok

@@ -62,6 +62,10 @@
 Allocated reference: 255
 Allocated reference: 0
 Allocated reference: 1
+Test SI2quater UARFCN (same scrambling code and diversity):
+generated valid SI2quater: [23] 59 06 07 c0 00 25 52 88 0a 7e 10 99 64 00 0b 2b 2b 2b 2b 2b 2b 2b 2b 
+failed to generate SI2quater: Invalid argument
+failed to generate SI2quater: Invalid argument
 Testing SYSINFO_TYPE_2quater EARFCN generation:
 generated invalid SI2quater: [23] 59 06 07 c0 00 04 86 59 0a 03 2b 2b 2b 2b 2b 2b 2b 2b 2b 2b 2b 2b 2b 
 added EARFCN 1917 - generated valid SI2quater: [23] 59 06 07 c0 00 04 86 59 83 be c8 50 0b 2b 2b 2b 2b 2b 2b 2b 2b 2b 2b