Skip to content
Success

Changes

Summary

  1. gsm0911_rcv_nc_ss(): avoid assertion failure in msc_a_put() (details)
Commit 86cdab3a63cc86003e4a3ea59d643eabfa293d3e by Vadim Yanitskiy
gsm0911_rcv_nc_ss(): avoid assertion failure in msc_a_put()

It was reported by a user that osmo-msc hits an assertion failure:

  Assert failed osmo_use_count_get_put(&msc_a->use_count, "cm_service_ss", -1) == 0 gsm_09_11.c:147

It's yet unclear how can this happen, because the MS/UE shall not be
sending SS/USSD messages without a prior CM Service Request.  However,
I was able to write an "evil MS" testcase that reproduces the problem
(see the related patch).  This is pretty much a DoS vector, so let's
add safety checks preventing this to gsm0911_rcv_nc_ss().

Change-Id: I724f0f0c9ef8611d3c3653e9370361b252127f72
Related: osmo-ttcn3-hacks.git If1d85a1b4b63b01b4565e53677acfd21e664e799
Related: 5fb4a9efcf ("Release BSS connection when SS message is rejected")
Related: OS#6756
The file was modifiedsrc/libmsc/gsm_09_11.c