Open Source Mobile Communications (https://osmocom.org/)
libosmo-sccp + libosmo-sigtran - Bug #4457: editing the SCCP address book (global-title) on a running instance may crash the application
https://osmocom.org/issues/4457?journal_id=17762
2020-03-17T23:13:09Z, neels (nhofmeyr@sysmocom.de)
<p>Minimal case:</p>
<pre>
OsmoMSC> enable
OsmoMSC# configure terminal
OsmoMSC(config)# cs7 instance 0
OsmoMSC(config-cs7)# sccp-address foo
OsmoMSC(config-cs7-sccpaddr)# global-title
OsmoMSC(config-cs7-sccpaddr-gt)# exit
OsmoMSC(config-cs7-sccpaddr)# exit
</pre>
<pre>
../../../src/libosmo-sccp/src/osmo_ss7_vty.c:1829:21: runtime error: member access within null pointer of type 'struct osmo_sccp_addr_entry'
Program received signal SIGSEGV, Segmentation fault.
0x00007ffff4cf3494 in osmo_ss7_vty_go_parent (vty=0x6140000030a0) at ../../../src/libosmo-sccp/src/osmo_ss7_vty.c:1829
1829 vty->index = entry->inst;
(gdb) bt
#0 0x00007ffff4cf3494 in osmo_ss7_vty_go_parent (vty=0x6140000030a0) at ../../../src/libosmo-sccp/src/osmo_ss7_vty.c:1829
#1 0x00005555558d9e4c in msc_vty_go_parent (vty=0x6140000030a0) at ../../../../src/osmo-msc/src/osmo-msc/msc_main.c:288
#2 0x00007ffff70eae6f in vty_go_parent (vty=0x6140000030a0) at ../../../../src/libosmocore/src/vty/command.c:2180
#3 0x00007ffff70f0578 in config_exit (self=0x7ffff7168660 <config_exit_cmd>, vty=0x6140000030a0, argc=0, argv=0x7fffffffd430) at ../../../../src/libosmocore/src/vty/command.c:2728
#4 0x00007ffff70ecefe in cmd_execute_command_real (vline=0x60b0001b9750, vty=0x6140000030a0, cmd=0x0) at ../../../../src/libosmocore/src/vty/command.c:2349
#5 0x00007ffff70ed611 in cmd_execute_command (vline=0x60b0001b9750, vty=0x6140000030a0, cmd=0x0, vtysh=0) at ../../../../src/libosmocore/src/vty/command.c:2401
#6 0x00007ffff70fa5f8 in vty_command (vty=0x6140000030a0) at ../../../../src/libosmocore/src/vty/vty.c:437
#7 0x00007ffff70fde39 in vty_execute (vty=0x6140000030a0) at ../../../../src/libosmocore/src/vty/vty.c:701
#8 0x00007ffff710787c in vty_read (vty=0x6140000030a0) at ../../../../src/libosmocore/src/vty/vty.c:1427
#9 0x00007ffff7111f8e in client_data (fd=0x6100000025b8, what=1) at ../../../../src/libosmocore/src/vty/telnet_interface.c:154
#10 0x00007ffff690cda2 in osmo_fd_disp_fds (_rset=0x7fffffffe160, _wset=0x7fffffffe200, _eset=0x7fffffffe2a0) at ../../../src/libosmocore/src/select.c:227
#11 0x00007ffff690d184 in _osmo_select_main (polling=0) at ../../../src/libosmocore/src/select.c:265
#12 0x00007ffff690d320 in osmo_select_main_ctx (polling=0) at ../../../src/libosmocore/src/select.c:291
#13 0x00005555558dc0f7 in main (argc=3, argv=0x7fffffffe5b8) at ../../../../src/osmo-msc/src/osmo-msc/msc_main.c:732
(gdb) p entry
$1 = (struct osmo_sccp_addr_entry *) 0x0
</pre>
https://osmocom.org/issues/4457?journal_id=17763
2020-03-17T23:17:19Z, neels (nhofmeyr@sysmocom.de)
<p>Since libosmocore I2b32b4fe20732728db6e9cdac7e484d96ab86dc5 <a class="external" href="http://git.osmocom.org/libosmocore/commit/?id=d31de237582f6fe3315d61bb9a488d4cda92654e">http://git.osmocom.org/libosmocore/commit/?id=d31de237582f6fe3315d61bb9a488d4cda92654e</a><br />it should be possible to greatly simplify the osmo_ss7_vty_go_parent() -- possibly the bug would go away by that.<br />By coincidence, the commit log of that patch already suggested a simplification of that very same function.</p>