mirror of
https://gitea.osmocom.org/cellular-infrastructure/osmo-sip-connector.git
synced 2025-11-03 05:33:37 +00:00
49880ddf74
When the MNCC socket breaks down we would release all callds but when there is no remote call the call would be released before if (call->remote) ... is being executed leading to a use after free. Fix it by copying the legs first and assuming the call will be gone after that. ==3618== Invalid read of size 4 ==3618== at 0x804A18A: app_mncc_disconnected (app.c:49) ==3618== by 0x804B52D: close_connection (mncc.c:255) ==3618== by 0x804BCFA: mncc_rtp_send.constprop.13 (mncc.c:145) ==3618== by 0x804CC86: check_setup (mncc.c:435) ==3618== by 0x804CC86: mncc_data (mncc.c:795) ==3618== by 0x42FCF94: osmo_fd_disp_fds (select.c:167) ==3618== by 0x804D1F2: evpoll (evpoll.c:92) ==3618== by 0x4205053: ??? (in /lib/i386-linux-gnu/libglib-2.0.so.0.4200.1) ==3618== by 0x4205478: g_main_loop_run (in /lib/i386-linux-gnu/libglib-2.0.so.0.4200.1) ==3618== by 0x8049AA6: main (main.c:171) ==3618== Address 0x47f3258 is 64 bytes inside a block of size 76 free'd ==3618== at 0x402A3A8: free (vg_replace_malloc.c:473) ==3618== by 0x42E7FD1: ??? (in /usr/lib/i386-linux-gnu/libtalloc.so.2.1.5) ==3618== by 0x804A3FD: call_leg_release (call.c:87) ==3618== by 0x804A186: app_mncc_disconnected (app.c:48) ==3618== by 0x804B52D: close_connection (mncc.c:255) ==3618== by 0x804BCFA: mncc_rtp_send.constprop.13 (mncc.c:145) ==3618== by 0x804CC86: check_setup (mncc.c:435) ==3618== by 0x804CC86: mncc_data (mncc.c:795) ==3618== by 0x42FCF94: osmo_fd_disp_fds (select.c:167) ==3618== by 0x804D1F2: evpoll (evpoll.c:92) ==3618== by 0x4205053: ??? (in /lib/i386-linux-gnu/libglib-2.0.so.0.4200.1) ==3618== by 0x4205478: g_main_loop_run (in /lib/i386-linux-gnu/libglib-2.0.so.0.4200.1) ==3618== by 0x8049AA6: main (main.c:171) ==3618== Change-Id: I1889013ed315f896e4295358f6daf76ce523dc2a
Osmo SIP Connector ================== Simple utility to map MNCC to SIP and SIP to MNCC. The VTY interface can be used to make configurations. The code doesn't have any RTP or transcoding support. Call identities can be either the MSISDN or the IMSI of the subscriber. Requirements of Equipment ^^^^^^^^^^^^^^^^^^^^^^^^^ * DTMF need to be sent using SIP INFO messages. DTMF in RTP is not supported. * BTS+PBX and SIP connector+PBX must be in the same network (UDP must be able to flow directly between these elements) * No handover support. * IP based BTS (e.g. Sysmocom sysmoBTS but no Siemens BS11) * No emergency calls Limitations ^^^^^^^^^^^ * PT of RTP needs to match the one used by the BTS. E.g. AMR needs to use the same PT as the BTS. This is because rtp_payload2 is not yet supported by the osmo-bts software. * AMR SDP file doesn't include the mode-set params and allowed codec modes. This needs to be configured in some way.