summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorHarald Welte <laforge@gnumonks.org>2016-07-03 20:45:21 +0200
committerHarald Welte <laforge@gnumonks.org>2016-07-03 20:47:06 +0200
commit0ee90f861458a68be7d7ac6e7f253c2be03ae049 (patch)
treec64eaf3951f6f858c9c5f131b276f2ca0d0c9060
parentdda9dffca9bda905bc33d5995923277e861a80c2 (diff)
lapd_dl_flush_hist(): Don't flush a non-existant history
If lapd_dl_flush_hist() is called after lapd_dl_exit(), dl->tx_hist has already been free'd and set to NULL. Check for this before attempting to de-reference a NULL pointer. This bug breaks OpenBSC with any E1 based BTSs using DAHDI. Change-Id: I117ba3445fa5e8097e21c11c5a6337de6ba46c7d Related: OS#1760
-rw-r--r--src/gsm/lapd_core.c3
1 files changed, 3 insertions, 0 deletions
diff --git a/src/gsm/lapd_core.c b/src/gsm/lapd_core.c
index c59b0754..fd1e7097 100644
--- a/src/gsm/lapd_core.c
+++ b/src/gsm/lapd_core.c
@@ -158,6 +158,9 @@ static void lapd_dl_flush_hist(struct lapd_datalink *dl)
{
unsigned int i;
+ if (!dl->range_hist)
+ return;
+
for (i = 0; i < dl->range_hist; i++) {
if (dl->tx_hist[i].msg) {
msgb_free(dl->tx_hist[i].msg);