mirror of
https://gitea.osmocom.org/cellular-infrastructure/osmo-sgsn.git
synced 2025-11-02 05:03:15 +00:00
If an MS which had an MMCTX at the SGSN sent a RAU update with an unexpected Old RA field, the RAU was rejected and the LLME (LLC layer) unassigned (freed), because no MMCTX was found matching the wrong old RA.

However, an MMCTX may actually exist pointing to that LLME, and hence when the LLME is freed, it stayed unnoticed with a dangling pointer to the freed LLME in ctx->gb.llme.

Let's try harder to avoid this kind of bug, which makes osmo-sgsn crash. Once we properly split the code into separate independent layers (LLC, MMCTX, etc.), each holding their own structs, this kind of bug shouldn't happen anymore.

Related: OS#6441
Change-Id: I5a4328c6e945b85dd815215724feecadba59c435
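The failure mode described in the commit message, as an added C sketch that is not osmo-sgsn code: a lookup keyed on the old RA misses the context, so the release path itself detaches every context still pointing at the LLME before freeing it. The types `llme` and `mm_ctx`, the table `ctx_table`, and all function names are simplified, hypothetical stand-ins.

```c
#include <stddef.h>
#include <stdlib.h>

/* Simplified, hypothetical stand-ins for the LLC entity and the MM context. */
struct llme { unsigned int tlli; };
struct mm_ctx {
    unsigned int old_ra;   /* routing area the context is registered under */
    struct llme *llme;     /* borrowed pointer, in the role of ctx->gb.llme */
};

#define MAX_CTX 4
static struct mm_ctx ctx_table[MAX_CTX];

/* Lookup keyed on RA: returns NULL when the MS reports an unexpected old RA. */
static struct mm_ctx *mm_ctx_by_ra(unsigned int ra, const struct llme *l)
{
    for (size_t i = 0; i < MAX_CTX; i++)
        if (ctx_table[i].llme == l && ctx_table[i].old_ra == ra)
            return &ctx_table[i];
    return NULL;
}

/* Detach every context that references the LLME, then free it.
 * Returns how many contexts would otherwise have been left dangling. */
static int llme_unassign(struct llme *l)
{
    int detached = 0;
    for (size_t i = 0; i < MAX_CTX; i++) {
        if (ctx_table[i].llme == l) {
            ctx_table[i].llme = NULL;
            detached++;
        }
    }
    free(l);
    return detached;
}

/* Constructed scenario: a RAU with a wrong old RA is rejected, LLME released. */
static int reject_rau_demo(void)
{
    struct llme *l = calloc(1, sizeof(*l));
    if (!l) return -1;
    ctx_table[0].old_ra = 1;
    ctx_table[0].llme = l;
    if (mm_ctx_by_ra(2, l) != NULL) return -1;   /* wrong RA: no match */
    int n = llme_unassign(l);                    /* still finds the owner */
    return (ctx_table[0].llme == NULL) ? n : -1;
}

int main(void) { return reject_rau_demo() == 1 ? 0 : 1; }
```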