laforge has submitted this change. (
https://gerrit.osmocom.org/c/osmo-gbproxy/+/33738 )
Change subject: gbprox_rx_ptp_from_bss: fix dangling pointer
......................................................................
gbprox_rx_ptp_from_bss: fix dangling pointer
Building with gcc (Debian 12.2.0-14) 12.2.0 and --enable-werror fails
without this during "make distcheck":
../../../src/gb_proxy.c:450:24: error: storing the address of local variable
'tp' in '((struct libgb_msgb_cb *)msg)[2].bssgp_cell_id'
[-Werror=dangling-pointer=]
450 | msgb_bcid(msg) = (void *)&tp;
This means that gcc now warns (and we turn that into an error) if one
assigns the address of a local (stack) variable to something allocated
on the heap, and doesn't remove that reference before ending the function
(invalidating the stack).
Related: OS#6057
Change-Id: Ie51e37572993cb5dc24ecf13bc300225f09cb744
---
M src/gb_proxy.c
1 file changed, 23 insertions(+), 0 deletions(-)
Approvals:
Jenkins Builder: Verified
laforge: Looks good to me, approved
diff --git a/src/gb_proxy.c b/src/gb_proxy.c
index a7554a6..356bec8 100644
--- a/src/gb_proxy.c
+++ b/src/gb_proxy.c
@@ -532,6 +532,8 @@
if (rc < 0)
rate_ctr_inc(rate_ctr_group_get_ctr(bss_bvc->ctrg,
GBPROX_PEER_CTR_FWD_FROM_BSS_ERR));
+ /* avoid a dangling pointer from heap to stack (see above "hack" to set
it to &tp) */
+ msgb_bcid(msg) = 0;
return 0;
}
--
To view, visit https://gerrit.osmocom.org/c/osmo-gbproxy/+/33738
To unsubscribe, or for help writing mail filters, visit
https://gerrit.osmocom.org/settings
Gerrit-Project: osmo-gbproxy
Gerrit-Branch: master
Gerrit-Change-Id: Ie51e37572993cb5dc24ecf13bc300225f09cb744
Gerrit-Change-Number: 33738
Gerrit-PatchSet: 3
Gerrit-Owner: osmith <[email protected]>
Gerrit-Reviewer: Jenkins Builder
Gerrit-Reviewer: daniel <[email protected]>
Gerrit-Reviewer: fixeria <[email protected]>
Gerrit-Reviewer: laforge <[email protected]>
Gerrit-Reviewer: pespin <[email protected]>
Gerrit-MessageType: merged
