[2/4] gprs: Fix GSUP cancel_type handling (Coverity)

Message ID	1428421790-3423-2-git-send-email-jerlbeck@sysmocom.de
State	Accepted
Headers	show Return-Path: <openbsc-bounces@lists.osmocom.org> From: Jacob Erlbeck <jerlbeck@sysmocom.de> To: openbsc@lists.osmocom.org Subject: [PATCH 2/4] gprs: Fix GSUP cancel_type handling (Coverity) Date: Tue, 7 Apr 2015 17:49:48 +0200 Message-Id: <1428421790-3423-2-git-send-email-jerlbeck@sysmocom.de> In-Reply-To: <1428421790-3423-1-git-send-email-jerlbeck@sysmocom.de> References: <1428421790-3423-1-git-send-email-jerlbeck@sysmocom.de> summary: Content analysis details: (2.2 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 2.7 DNS_FROM_AHBL_RHSBL RBL: Envelope sender listed in dnsbl.ahbl.org -0.5 BAYES_05 BODY: Bayes spam probability is 1 to 5% [score: 0.0324] Precedence: list Errors-To: openbsc-bounces@lists.osmocom.org Sender: "OpenBSC" <openbsc-bounces@lists.osmocom.org>

Message ID

1428421790-3423-2-git-send-email-jerlbeck@sysmocom.de

State

Accepted

Headers

From: Jacob Erlbeck <jerlbeck@sysmocom.de>
To: openbsc@lists.osmocom.org
Subject: [PATCH 2/4] gprs: Fix GSUP cancel_type handling (Coverity)
Date: Tue,  7 Apr 2015 17:49:48 +0200
Message-Id: <1428421790-3423-2-git-send-email-jerlbeck@sysmocom.de>
In-Reply-To: <1428421790-3423-1-git-send-email-jerlbeck@sysmocom.de>
References: <1428421790-3423-1-git-send-email-jerlbeck@sysmocom.de>
Precedence: list
Errors-To: openbsc-bounces@lists.osmocom.org
Sender: "OpenBSC" <openbsc-bounces@lists.osmocom.org>

Commit Message

Jacob Erlbeck April 7, 2015, 3:49 p.m. UTC

When handling an incoming GSUP cancellation request, the cancel_type
if effectively ignored, such that is always handled as
GPRS_GSUP_CANCEL_TYPE_UPDATE and never as WITHDRAW.

This commit fixes the expression used to set the variable
is_update_procedure.

Fixes: Coverity CID 1267739
Sponsored-by: On-Waves ehf
---
 openbsc/src/gprs/gprs_subscriber.c |  3 ++-
 openbsc/tests/sgsn/sgsn_test.c     | 12 ++++++++++++
 2 files changed, 14 insertions(+), 1 deletion(-)

diff --git a/openbsc/src/gprs/gprs_subscriber.c b/openbsc/src/gprs/gprs_subscriber.c
index 8486834..e3da0f8 100644
--- a/openbsc/src/gprs/gprs_subscriber.c
+++ b/openbsc/src/gprs/gprs_subscriber.c
@@ -492,7 +492,8 @@  static int gprs_subscr_handle_loc_cancel_req(struct gsm_subscriber *subscr,
 					     struct gprs_gsup_message *gsup_msg)
 {
 	struct gprs_gsup_message gsup_reply = {0};
-	int is_update_procedure = !gsup_msg->cancel_type || gsup_msg->cancel_type;
+	int is_update_procedure = !gsup_msg->cancel_type ||
+		gsup_msg->cancel_type == GPRS_GSUP_CANCEL_TYPE_UPDATE;
 
 	LOGGSUBSCRP(LOGL_INFO, subscr, "Cancelling MS subscriber (%s)\n",
 		    is_update_procedure ?
diff --git a/openbsc/tests/sgsn/sgsn_test.c b/openbsc/tests/sgsn/sgsn_test.c
index 6fc4f99..197be9d 100644
--- a/openbsc/tests/sgsn/sgsn_test.c
+++ b/openbsc/tests/sgsn/sgsn_test.c
@@ -440,6 +440,12 @@  static void test_subscriber_gsup(void)
 		0x06, 0x01, 0x00,
 	};
 
+	static const uint8_t location_cancellation_req_withdraw[] = {
+		0x1c,
+		TEST_GSUP_IMSI1_IE,
+		0x06, 0x01, 0x01,
+	};
+
 	static const uint8_t location_cancellation_req_other[] = {
 		0x1c,
 		0x01, 0x05, 0x11, 0x11, 0x11, 0x11, 0x01,
@@ -582,6 +588,12 @@  static void test_subscriber_gsup(void)
 	OSMO_ASSERT(s1->flags & GPRS_SUBSCRIBER_CANCELLED);
 	OSMO_ASSERT(s1->sgsn_data->mm == NULL);
 
+	/* Inject LocCancelReq(withdraw) GSUP message */
+	rc = rx_gsup_message(location_cancellation_req_withdraw,
+			     sizeof(location_cancellation_req_withdraw));
+	OSMO_ASSERT(rc >= 0);
+	OSMO_ASSERT(s1->sgsn_data->error_cause == GMM_CAUSE_IMPL_DETACHED);
+
 	/* Inject PurgeMsRes GSUP message */
 	rc = rx_gsup_message(purge_ms_res,
 			     sizeof(purge_ms_res));

[2/4] gprs: Fix GSUP cancel_type handling (Coverity)

Commit Message

Patch