ofono/src
Richard Röjfors 3b7d8e003e gprs: Don't modify the context if assign fails
There was an issue while running LTE and the connection
manager tried to activate the context with CID 1 while
it got automatically activated at the same time with
CID 4.

When the automatic activation happened ofono_gprs_cid_activated
got called which tried to assign the context, but that failed
since the driver context was considered in use
(by the activation call).
Even though it failed, the context was modified,
cid was set to 0 (making cid 1 leak).
Then release_context got called, which cleared the pointers
assigned to the context.

A bit later the activation callback got called, in my case
activation failed. Due to the failure it tries to clean up
by calling context_settings_free, but unfortunately the pointers
were reset above, causing ofono to segfault due to null pointer
derefs.

Instead we make sure assign_context does not touch the context
unless it succeeds. Then there is no need to call release_context
if assign fails.
That ensures the context is intact when the activation callback
gets called.

03:23:21 ofonod[545]: Aux: < \r\n+CGEV: ME PDN ACT 4\r\n\r\n+CTZE: +04,0,"19/12/10,04:25:03"\r\n
03:23:21 ofonod[545]: drivers/ubloxmodem/network-registration.c:ctze_notify() tz +04 dst 0 time 19/12/10,04:25:03
03:23:21 ofonod[545]: src/network.c:ofono_netreg_time_notify() net time 2019-12-10 04:25:03 utcoff 3600 dst 0
03:23:22 ofonod[545]: Aux: > AT+CGDCONT?\r
03:23:22 ofonod[545]: drivers/ubloxmodem/gprs-context.c:ublox_gprs_activate_primary() cid 1

Connection manager requests activation, will mark the context in use and assign
it cid 1.

03:23:22 ofonod[545]: Aux: < \r\n+CGDCONT: 1,"IP","m2m.tele2.com","",0,0,0,0,0,0\r\n
03:23:22 ofonod[545]: Aux: < +CGDCONT: 4,"IP","m2m.tele2.com.mnc003.mcc248.gprs","100.69.174.133",0,0,0,0,0,0\r\n
03:23:22 ofonod[545]: Aux: < \r\nOK\r\n
03:23:22 ofonod[545]: drivers/atmodem/gprs.c:at_cgdcont_read_cb() ok 1
03:23:22 ofonod[545]: src/gprs.c:ofono_gprs_cid_activated() cid 4
03:23:22 ofonod[545]: Can't assign context to driver for APN.

Since it's marked in use above, we fail to assign it cid 4. When that fails
the cid is cleared and all context pointers are set to NULL.

03:23:22 ofonod[545]: Aux: > AT+CGDCONT=1,"IP","m2m.tele2.com"\r
03:23:22 ofonod[545]: Aux: < \r\nOK\r\n
03:23:22 ofonod[545]: drivers/ubloxmodem/gprs-context.c:cgdcont_cb() ok 1
03:23:22 ofonod[545]: Aux: > AT+CGACT=1,1\r
03:23:22 ofonod[545]: Aux: < \r\n+CME ERROR: 100\r\n
03:23:22 ofonod[545]: drivers/ubloxmodem/gprs-context.c:cgact_enable_cb() ok 0
03:23:22 ofonod[545]: src/gprs.c:pri_activate_callback() 0x853480
03:23:22 ofonod[545]: src/gprs.c:pri_activate_callback() Activating context failed with error: Unknown error

Activation callback, and it failed. Will try to clean up, but the pointers are
NULL'ed...

Dec 10 03:23:22 ofonod[545]: Aborting (signal 11) [/usr/sbin/ofonod]
2019-12-11 14:35:34 -06:00
..
audio-settings.c audio-settings: Fix unneeded async for GetProperties 2013-02-25 12:21:35 -06:00
bluetooth.h bluetooth: Add define for SCO voice settings 2013-08-19 12:14:39 -05:00
call-barring.c call-barring: SS query is made with given cls 2012-09-05 15:03:38 -05:00
call-forwarding.c call-forwarding: Increase string buffer to avoid overflow 2019-10-31 08:39:18 +01:00
call-meter.c Do not set signature and reply in GDBus tables 2012-05-20 02:47:57 -07:00
call-settings.c call-settings: Improve error reporting 2012-08-22 18:18:05 -05:00
call-volume.c treewide: Remove superfluous use of _GNU_SOURCE 2018-10-17 10:01:57 -05:00
cbs.c cbs: use g_slist_free_full 2016-04-22 15:27:28 -05:00
cdma-connman.c cdma-connman: Make static analysis tools happy 2015-07-28 10:18:26 -05:00
cdma-netreg.c cdma-netreg: Fix emission of PropertyChanged 2018-03-16 10:24:57 -05:00
cdma-provision.c cdma-provision: Add driver APIs implementation 2012-01-07 12:39:58 -06:00
cdma-sms.c cdma-sms: Update to the new API declaration 2012-06-16 09:50:05 -05:00
cdma-smsutil.c treewide: Remove superfluous use of _GNU_SOURCE 2018-10-17 10:01:57 -05:00
cdma-smsutil.h core: Update copyright information 2011-10-10 13:39:42 -07:00
cdma-voicecall.c Do not set signature and reply in GDBus tables 2012-05-20 02:47:57 -07:00
common.c common: Add new NB-IoT technologies 2019-02-17 21:18:54 -06:00
common.h common: Add new NB-IoT technologies 2019-02-17 21:18:54 -06:00
ctm.c ctm: Remove shadowing reply variable 2012-07-15 20:29:29 -03:00
dbus.c dbus: Add D-Bus mapping for OFONO_ERROR_TYPE_ERRNO 2018-06-28 11:35:10 -05:00
emulator.c emulator: Handle OFONO_ERROR_TYPE_ERRNO in switch 2018-06-28 11:35:10 -05:00
genbuiltin Use script to generate list of builtin plugin symbols 2009-08-24 19:05:41 -07:00
gnss.c treewide: Remove superfluous use of _GNU_SOURCE 2018-10-17 10:01:57 -05:00
gnssagent.c treewide: Remove superfluous use of _GNU_SOURCE 2018-10-17 10:01:57 -05:00
gnssagent.h core: Update copyright information 2011-10-10 13:39:42 -07:00
gprs-provision.c gprs,gprs-provision: add SPN to provisioning API 2011-02-08 21:48:54 -06:00
gprs.c gprs: Don't modify the context if assign fails 2019-12-11 14:35:34 -06:00
handsfree-audio.c handsfree-audio: Add Acquire implementation 2017-05-04 12:34:31 -05:00
handsfree.c core: Quiet warning about strncpy use 2019-05-16 15:10:40 -05:00
hfp.h hfp: Add enum for known HF Indicators 2014-10-20 13:40:27 -05:00
history.c core: Update copyright information 2011-10-10 13:39:42 -07:00
ims.c ims: Rework initialization 2017-10-09 11:35:46 -05:00
location-reporting.c Do not set signature and reply in GDBus tables 2012-05-20 02:47:57 -07:00
log.c log: Remove dead code 2019-11-13 17:01:15 -06:00
lte.c lte: Add additional sanity checks for username/password 2018-10-22 11:46:08 -05:00
main.c main: Quiet ld errors with external ell 2019-05-16 15:10:53 -05:00
manager.c manager: Fix up introspection data 2012-07-04 08:14:38 -05:00
message-waiting.c message-waiting: Fix logic error 2019-04-29 19:38:12 -05:00
message.c Do not set signature and reply in GDBus tables 2012-05-20 02:47:57 -07:00
message.h message: add cancelled state 2011-03-18 18:31:14 -05:00
modem.c modem: add support to clear cached pins. 2019-01-23 17:49:53 -06:00
netmon.c netmon: adding get functionality for neighbouring cell information 2019-06-07 11:40:59 -05:00
netmonagent.c treewide: Remove superfluous use of _GNU_SOURCE 2018-10-17 10:01:57 -05:00
netmonagent.h netmonagent: fix unnecessary function declaration 2017-09-12 12:29:24 -05:00
nettime.c core: explicitly compare pointers to NULL 2010-11-29 13:27:15 -06:00
network.c network: debug log the network time on update 2019-04-28 10:13:07 -05:00
ofono.conf xmm7modem: modified ofono.conf for coex agent 2018-12-13 10:11:23 -06:00
ofono.h sim: Sim PIN1 cache upon modem reset/crash 2019-01-23 17:44:31 -06:00
ofono.service.in systemd: prevent duplicate logging messages in journal 2012-10-25 16:28:38 -07:00
ofono.ver Simplify linker script 2010-09-21 23:25:50 +09:00
phonebook.c phonebook: fix invalid sprintf sequence 2019-04-29 19:16:07 -05:00
plugin.c plugin: Don't unload external plugins too early 2018-07-23 19:57:56 -05:00
private-network.c private-network: add initial implementation 2011-05-24 12:11:01 -05:00
radio-settings.c radio-settings: handling of dual mode technology preference 2019-05-16 10:40:45 -05:00
sim-auth.c core: Quiet warning about strncpy use 2019-05-16 15:10:40 -05:00
sim.c sim: Dereference only after validating !NULL 2019-04-29 14:24:48 -05:00
simfs.c treewide: Use L_TFR macro 2019-05-24 11:55:38 -05:00
simfs.h simfs: read files from specific AID's 2017-11-06 16:12:19 -06:00
simutil.c simutil: Remove pointless check 2019-11-13 17:01:15 -06:00
simutil.h simutil: Add sim_app_record free 2018-02-28 11:08:16 -06:00
siri.c siri: Dereference after validating !NULL 2019-04-29 14:27:54 -05:00
sms.c sms: support 8 national lang in Alphabet property 2018-10-15 14:09:07 -05:00
smsagent.c treewide: Remove superfluous use of _GNU_SOURCE 2018-10-17 10:01:57 -05:00
smsagent.h core: Update copyright information 2011-10-10 13:39:42 -07:00
smsutil.c util: Switch character conversions to ell 2018-12-27 18:18:51 -06:00
smsutil.h util: adding 8 national sms alphabets 2018-10-15 14:07:27 -05:00
stk.c stk: Fix potential buffer overrun 2019-04-29 19:24:19 -05:00
stkagent.c stkagent: Use bool instead of gboolean / ofono_bool_t 2018-12-28 13:47:41 -06:00
stkagent.h stkagent: Use bool instead of gboolean / ofono_bool_t 2018-12-28 13:47:41 -06:00
stkutil.c stkutil: Call va_end on failure 2019-04-29 14:34:00 -05:00
stkutil.h stkutil: Use standard types 2018-12-29 15:26:37 -06:00
storage.c treewide: Use L_TFR macro 2019-05-24 11:55:38 -05:00
storage.h treewide: Use L_TFR macro 2019-05-24 11:55:38 -05:00
ussd.c util: Use bool instead of gboolean 2018-12-27 18:18:51 -06:00
util.c util: Remove last glib uses 2018-12-27 18:18:51 -06:00
util.h util: Remove encode_hex 2018-12-27 18:18:51 -06:00
voicecall.c core: Quiet warning about strncpy use 2019-05-16 15:10:40 -05:00
watch.c core: Update copyright information 2011-10-10 13:39:42 -07:00