Bug #5169 (closed)
ctrl_cmd_make crash MSC
% Done: 100%
Description
When I try to get a list of users (70+) through the MSC control interface with the "subscriber-list-active-v1" function, the service crashes with message "Not enough tailroom msgb_put ..."
msg = msgb_alloc_headroom(4096, 128, "ctrl command make");
4096 is not enough
Can we change the constant to a dynamic value and won't it affect anything in other places?
Updated by laforge almost 3 years ago
> When I try to get a list of users (70+) through the MSC control interface with the "subscriber-list-active-v1" function, the service crashes with message "Not enough tailroom msgb_put ..."
That's of course not nice at all. Thanks for the report!
> Can we change the constant to a dynamic value and won't it affect anything in other places?
The problem is that the libosmocore/ctrl doesn't know upfront what size to allocate.
CTRL was defined as an interface to get or set small parameters, and not for obtaining
comprehensive lists or larger data structures. Think of changing some small configuration
value or the like.
So we have multiple issues here:
- CTRL is used in a way it shouldn't be used (exporting the whole subscriber list)
- no matter the above, it shouldn't crash but fail gracefully
Updated by keith almost 3 years ago
- Related to Bug #5175: CTRL command crashes osmo-msc (libosmocore) added
Updated by keith almost 3 years ago
- Related to deleted (Bug #5175: CTRL command crashes osmo-msc (libosmocore))
Updated by keith almost 3 years ago
- Has duplicate Bug #5175: CTRL command crashes osmo-msc (libosmocore) added
Updated by keith almost 3 years ago
I just realised that this is a massive problem for TIC/Rhizomatica as the REST API that supplies subscriber details to the web admin interface uses this CTRL command to get the list of connected MSISDNs.
As far as I can see there is no other way to know who's connected, other than maybe some clunky query on the HLR database checking for recent LURs (ugh).
Updated by laforge almost 3 years ago
- Assignee set to pespin
- Priority changed from Low to High
Updated by pespin almost 3 years ago
- Status changed from New to Feedback
- Assignee changed from pespin to keith
- % Done changed from 0 to 90
The crash should be fixed by:
https://gerrit.osmocom.org/c/libosmocore/+/24639 ctrl: Pre-calculate required size before allocating msgb
I also did some related fixes/improvements:
https://gerrit.osmocom.org/c/libosmocore/+/24640 ctrl: Support recovering from short write
https://gerrit.osmocom.org/c/libosmocore/+/24641 msgb_alloc_headroom: Change size args to be uint16_t
keith, please give it a try again with all those applied and share your experience.
Updated by keith almost 3 years ago
As far as I am concerned it's "fixed" by gerrit 24639 so I'd say this issue can be closed.
notwithstanding laforge's comments "CTRL is used in a way it shouldn't be"
Updated by pespin almost 3 years ago
- Status changed from Feedback to Resolved
- % Done changed from 90 to 100
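The two points raised in the thread (size the reply before allocating, and fail gracefully rather than abort when tailroom runs out) can be seen side by side in this added example. It is not libosmocore code: `struct buf`, `buf_put` and `reply_len` are hypothetical stand-ins, the reply header and the 64-byte subscriber entries are constructed, and the 16-bit length limit is an assumption taken from the title of change 24641.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Toy stand-in for a message buffer; not libosmocore's struct msgb. */
struct buf { char *data; size_t len, cap; };

/* Checked append: reports missing tailroom to the caller instead of aborting. */
static int buf_put(struct buf *b, const char *s)
{
	size_t n = strlen(s);
	if (n > b->cap - b->len)
		return -1;
	memcpy(b->data + b->len, s, n);
	b->len += n;
	return 0;
}

/* Builds a reply for n_subs constructed 64-byte entries and returns its length,
 * or -1 on failure. fixed_cap != 0 models the old constant-size allocation;
 * fixed_cap == 0 sizes the buffer from the content before allocating. */
long reply_len(size_t n_subs, size_t fixed_cap)
{
	const char *hdr = "GET_REPLY 1 subscriber-list-active-v1 "; /* constructed */
	char ent[64];
	size_t need = strlen(hdr) + n_subs * sizeof(ent); /* 63 chars + '\n' each */
	struct buf b = { NULL, 0, fixed_cap ? fixed_cap : need };
	int rc;

	if (b.cap > UINT16_MAX)	/* assumed 16-bit length limit: refuse, don't wrap */
		return -1;
	b.data = malloc(b.cap);
	if (!b.data)
		return -1;
	rc = buf_put(&b, hdr);
	for (size_t i = 0; rc == 0 && i < n_subs; i++) {
		snprintf(ent, sizeof(ent), "%015zu,%047zu", i, i); /* fake IMSI,MSISDN */
		rc = buf_put(&b, ent);
		if (rc == 0)
			rc = buf_put(&b, "\n");
	}
	free(b.data);
	return rc == 0 ? (long)b.len : -1;
}
```

With these constructed entry sizes, 70 subscribers overflow a fixed 4096-byte buffer and the caller gets an error to turn into a CTRL error reply, while the pre-sized path fits them and only refuses once the reply exceeds the 16-bit limit.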