summaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
* pseudotalloc: Simplistic wrapper of talloc_named()Harald Welte2019-07-312-0/+6
| | | | | | | | The pseudotalloc layer doesn't yet support talloc_named() API which will be used by the upcoming "context" change. Let's add this function to pseudotalloc.c for our arm-non-eabi builds. Change-Id: I4d91ebd73a3357a17ef9143a1b41b90186d4c128
* avoid gcc format error on embedded buildsHarald Welte2019-07-311-1/+1
| | | | | | | | | | | | | when using gcc 8.3.0 on Debian unstable and doing an embedded build, I'm getting the following error: > fsm.c:621:40: error: format '%ld' expects argument of type > 'long int', but argument 6 has type 'time_t {aka long long int}' > [-Werror=format=] Let's avoid that... Change-Id: I92fb9b08def8475739f0dc6316de43b166f48ac3
* vty/vty.c: the command buffer can be accessed directlyVadim Yanitskiy2019-07-301-7/+7
| | | | Change-Id: Ic6d7d68e9a559a6fb5bd6eaf6eccceae51e7ed39
* vty/vty.c: fix vty_read(): prevent further heap-buffer overrunVadim Yanitskiy2019-07-301-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | After reading data from the socket, assigned to a given VTY, we need to '\0'-terminate the received string. Otherwise, further access to that string, stored in a heap buffer vty->buf, would lead to a heap overrun. == How to reproduce? $ python -c "print 'A' * 512" | telnet $HOST $PORT ==21264==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x6190000211e0 at pc 0x000000435d2f bp 0x7ffc06c7add0 sp 0x7ffc06c7a578 READ of size 1025 at 0x6190000211e0 thread T0 #0 0x435d2e in __interceptor_strlen (/usr/local/bin/osmo-msc+0x435d2e) #1 0x7fb95bfa5624 in talloc_strdup (/usr/lib/x86_64-linux-gnu/libtalloc.so.2+0x6624) #2 0x7fb95c1be2bc in vty_hist_add /opt/osmocom/libosmocore/src/vty/vty.c:578 #3 0x7fb95c1be2bc in vty_execute /opt/osmocom/libosmocore/src/vty/vty.c:703 #4 0x7fb95c1be2bc in vty_read /opt/osmocom/libosmocore/src/vty/vty.c:1425 #5 0x7fb95c1bfd78 in client_data /opt/osmocom/libosmocore/src/vty/telnet_interface.c:157 #6 0x7fb95b90bd33 in osmo_fd_disp_fds /opt/osmocom/libosmocore/src/select.c:223 #7 0x7fb95b90bd33 in osmo_select_main /opt/osmocom/libosmocore/src/select.c:263 #8 0x5006cc in main /opt/osmocom/osmo-msc/src/osmo-msc/msc_main.c:723:3 #9 0x7fb959935f44 in __libc_start_main /build/eglibc-xkFqqE/eglibc-2.19/csu/libc-start.c:287 #10 0x4226fb in _start (/usr/local/bin/osmo-msc+0x4226fb) == Why exactly 512? Because the initial size of the heap buffer is 512 (see VTY_BUFSIZ). Later on it can be realloc()ated, so X > 512 should also work. Found using AddressSanitizer and Radamsa [1] fuzzer. [1] https://gitlab.com/akihe/radamsa Change-Id: I82f774ad18d0e555eb8f3590a519946d9c583c78
* vty/telnet_interface.c: log connection accept() / close() eventsVadim Yanitskiy2019-07-301-0/+12
| | | | | | | | | | | | | | Unfortunately, osmo_sock_get_name_buf() fails in telnet_close_client(): DLGLOBAL INFO telnet_interface.c:130 Closing telnet connection <error-in-getsockname> because getsockname(), getpeername(), and even close() fail with: "Bad file descriptor". This looks like a bug of the existing code. Change-Id: I77b31abfa159d2f269deaa5a08d94b7bbba7d23c
* vty/logging_vty.c: fix writing of 'print category-hex'Vadim Yanitskiy2019-07-301-0/+2
| | | | Change-Id: I33837f0fac1afe83596fa600916abc05ecb8c356
* vty/telnet_interface.c: avoid unneeded initializationVadim Yanitskiy2019-07-271-1/+1
| | | | | | | | Unconditional initialization follows the structure definition, so there is no need to do it twice. This prevents compiler from warning about potential errors. Change-Id: If9fd2826f132dfa203dda62940d93dbdfcfd92ac
* vty/telnet_interface.c: use DLGLOBAL logging sub-systemVadim Yanitskiy2019-07-271-2/+2
| | | | Change-Id: I1564f4714a33d36792e4982deb8f19d1b740dc0c
* gsm/gsm48.h: drop meaningless 'const' from gsm48_mi_to_string()Vadim Yanitskiy2019-07-261-2/+1
| | | | Change-Id: I5eb17edadf89ac47b4ca86c9e822037f7c0e518e
* stats_vty: Add verb to sentence for show asciidoc countersDaniel Willmann2019-07-251-1/+1
| | | | Change-Id: Ib444383d2074ddb89b3fe5bbf198bcbfabd7057f
* tell ubsan to ignore SUN_LENEric Wild2019-07-211-0/+3
| | | | | | | | | | | | | ubsan will report undefined behavior due to the SUN_LEN macros interaction with a null pointer, so let's tell ubsan to ignore this function. After carefully reviewing the final publically availlable drafts of the C99,C11 and C18 standards I can confirm that dereferencing null pointers is still undefined behavior, as such ubsan will always warn with absolutely every existing compiler version. Since the sanitizers are periodically synced between llvm and gcc I'm also fairly confident that rebuilding everything with compiler_rt to use the integrated sanitizers would result in the same message. I sincerly hope that this explanation provides to be sufficient, If not I'd be willing to show up at the next llvm dev meeting to provide quotes from actual sanitizer developers to back up these claims. Change-Id: I0ff445072f1b46390c9f70b21d61c789e39358d5
* gsm/gsm0480.c: use DLGLOBAL and LOGL_ERROR for loggingVadim Yanitskiy2019-07-211-13/+13
| | | | Change-Id: Id38272ff93fae6d2fdf39df4ffc74856d6c9a898
* gsm/gsm0480.c: parse_ss(): drop needless debug printVadim Yanitskiy2019-07-211-2/+0
| | | | Change-Id: Ie18c291d0cfe3b246d09ac6cfd9591951a2984c8
* osmo_get_rand_id(): Avoid dead code by proper #if/#else/#endifHarald Welte2019-07-211-1/+2
| | | | | Change-Id: I34e465dead179487f7d4508e0e6ecf0e838c6eb7 Closes: CID#177910
* tdef: remove bogus OSMO_ASSERT(unsigned long >= 0)Harald Welte2019-07-211-1/+0
| | | | | Change-Id: I7a544d2d43b83135def296674f777e48fe5fd80a Closes: CID#190866
* cbsp.c: Remove dead codeHarald Welte2019-07-211-3/+1
| | | | | Change-Id: I0888fbad0f9094ec1b31e2cceecfc9cd372399bd Closes: CID#202057
* cbsp: Introduce osmo_cbsp_errstrHarald Welte2019-07-202-28/+100
| | | | | | | | | | | | | | Rather than having the encoder/decoder library print some log messages in case of encoding/decoding errors, let's provide something akin to 'errno', but with a string instead of a numeric error code. The 'osmo_cbsp_errstr' global variable (if set) contains a human-readable string describing the most recent encoding/decoding error. It exists separately for each thread and hence can be used safely in multi-threaded environments. Change-Id: Id9a5a595a76ba278647aee9470ded213d8464103
* CBSP (Cell Broadcast Service Protocol; 3GPP TS 48.049) supportHarald Welte2019-07-204-1/+1532
| | | | | | | | | | This introduces definitions as well as a parser+encoder for the Cell Broadcast Service Protocol (CBSP) as specified in 3GPP TS 48.049. CBSP is used on the interface between CBC and BSC. Related: OS#3537 Change-Id: I5b7ae08f67e415967b60ac4b824db9e22ca00935
* bitvec/bitval2mask(): cosmetic: get rid of temporary int variableVadim Yanitskiy2019-07-181-11/+4
| | | | Change-Id: I9d6f6b66c99c43107d1ad3e80af332e967bb19e8
* osmo_gsm48_rest_octets_si3_decode(): fix copy-paste error in commentVadim Yanitskiy2019-07-181-1/+1
| | | | Change-Id: I57a330e16cc2910597672e1b27cf971499cea5bc
* utils.h: require a semi colon after OSMO_ASSERTAlexander Couzens2019-07-081-3/+3
| | | | | | | | | When using `OSMO_ASSERT(exp);` clang will warn about an empty expression because the semi colon was superflous. Use do {} while (0) to enfore the need of a semi colon. This might break other test. Change-Id: I2272d29a81496164bebd1696a694383a28a86434
* vty: Simplify char escaping in asciidoc outputPau Espin Pedrol2019-06-251-9/+4
| | | | Change-Id: I7df6858bb98abffc1d5bf420f991ae5854b24638
* gsm: lapd_core: Log timeout used upon start of T200Pau Espin Pedrol2019-06-211-1/+2
| | | | | | | | The timeout is calculated dynamically in t200_by_lchan() based on FN advance value estimated by bts_get_avg_fn_advance(), so it's informative to have the final value printed out. Change-Id: Ib50a9c23de881c66c9218833703cc41101e06bfd
* vty: Remove trailing whitespace in output from show asciidocPau Espin Pedrol2019-06-191-2/+2
| | | | Change-Id: Ifb3115c7488fbcf082cc9b92abc25cf7c46064e0
* bitvec: correct comment in bitvec_allocAlexander Couzens2019-06-171-1/+1
| | | | | | The function allocates x bytes not bits for the vector. Change-Id: I60fbe9fe9acd11c5d3232207f1bb677e8a98625f
* Revert "fsm.c: Print error message for FSM with allstate_action but no events"Vadim Yanitskiy2019-06-161-11/+0
| | | | | | | | | This reverts commit b3f94eb39e19366c3458643ee329a73155d46ff8, that unfortunately breaks some projects which call osmo_fsm_register() on DSO load (i.e. using __attribute__((constructor))) before the logging is initialized. Change-Id: Idc6fcce7e946c23d48589b920e309d60aa7b6645
* fsm.c: Print error message for FSM with allstate_action but no eventsHarald Welte2019-06-151-0/+11
| | | | | | | | | | As suggested by Vadim while reviewing a related fix for ipa_keepalive.c in libosmo-abis (see https://gerrit.osmocom.org/#/c/libosmo-abis/+/13540/), it makes sense to print an error message if anyone registers a FSM that specifies an allstate_action callback but at the same time no events that would ever end up in that callback. Change-Id: I9e73f7363ab15a00843e3f0d1e5776f4be7ebc46
* vty: command.c: Fix: single-choice optional args are no longer passed ↵Pau Espin Pedrol2019-06-141-5/+14
| | | | | | | | | | | incomplete to vty func For instance, take command "single0 [one]": If user executes "single0 on", VTY func will receive argv[0]="one" instead of argv[0]="on". Related: OS#4045 Change-Id: I5f4e2d16c62a2d22717989c6acc77450957168cb
* vty: command.c: Fix: multi-choice args are no longer passed incomplete to ↵Pau Espin Pedrol2019-06-141-7/+44
| | | | | | | | | | | vty func For instance, take command "multi0 (one|two|three)": If user executes "multi0 tw", VTY func will receive argv[0]="two" instead of argv[0]="tw". Fixes: OS#4045 Change-Id: I91b6621ac3d87fda5412a9b415e7bfb4736c8a9a
* vty: command.c: Get rid of big indentation blockPau Espin Pedrol2019-06-141-30/+30
| | | | | | This block will become bigger in forthcoming commits. Change-Id: Ibc1494014b1e77ce10950f7268a44d2d2091a6f2
* command.c: Improve return check condition in cmd_execut_command_real()Pau Espin Pedrol2019-06-141-2/+2
| | | | | | | Check against MAX argc is changed to == since it cannot be incremented twice without passing the check. Change-Id: Ia330e475989fda863bedcc3cbf94deaf8dd83037
* logging: Use reentrant ctime_r instead of ctimePau Espin Pedrol2019-06-131-5/+8
| | | | | | | | It was noticed that multithreaded processes like osmo-trx can crash upon using ctime(). Related: OS#4055 Change-Id: I19ebf29a2f1fc855bb7d56766b338c7c3432dfd1
* logging: Check return error from time() callPau Espin Pedrol2019-06-131-1/+2
| | | | | Related: OS#4055 Change-Id: Ief155a76169426a677256e09d3e91751c4e2529f
* fix isdigit taking unsigned as inputKévin Redon2019-06-132-2/+2
| | | | | | | | | | | | | fixes the following error warnings when cross-compiling using: ./configure --enable-static --prefix=/usr/local/arm-none-eabi --host=arm-none-eabi --enable-embedded --disable-doxygen --disable-shared --disable-pseudotalloc --enable-external-tests CFLAGS="-Os -ffunction-sections -fdata-sections -nostartfiles -nodefaultlibs -Werror -Wno-error=deprecated -Wno-error=deprecated-declarations -Wno-error=cpp -mthumb -Os -mlong-calls -g3 -mcpu=cortex-m4 -mfloat-abi=softfp -mfpu=fpv4-sp-d16 -Wno-error=format" utils.c:1002:18: error: array subscript has type 'char' [-Werror=char-subscripts] 1002 | if (!isdigit(in[i])) gsm23003.c:414:34: error: array subscript has type 'char' [-Werror=char-subscripts] 414 | if (!mnc_str || !isdigit(mnc_str[0]) || strlen(mnc_str) > 3) Change-Id: Ia13fd5ee79fc6dc3291c0b99958ab3c01afee17d
* vty: command.c: Get rid of huge indentation blockPau Espin Pedrol2019-06-121-91/+94
| | | | | | | | Huge conditional block inside for loop is negated in this patch together with a "continue" keyword, similar to what was already done recently in 4742526645d6137dd90ef369f0415afdb91736dc. Change-Id: I803c4ed38e9ab09bf929528c75a60e6f65da3928
* cosmetic: vty: command.c: Use upper case for enum match_type value namesPau Espin Pedrol2019-06-121-101/+101
| | | | | | | Makes code easier to follow because enum values no longer look like variables. Change-Id: Ib6e9592c5962d047869a280c10f9b557fae6f435
* core/utils: drop meaningless const from return value of osmo_luhn()Vadim Yanitskiy2019-06-121-1/+1
| | | | Change-Id: I085da06f31a0a6862ae2ba041fafc134cc240f7e
* vty: command.c: Fix is_cmd_ambiguous() returning always 0Pau Espin Pedrol2019-06-111-5/+5
| | | | | | | | | | inner block defined variable "enum match_type ret" was being masking outter block variable "int ret = 0". The ret variable was being given non zero values only inside the inner block, so that change was done on the inner variable and not the outer one, which is returned. Fixes: 5314c513f23688462d7f7937e5ae5e0d5cd4548e Change-Id: Iec87d7db49a096d07e38ff8a060b923a52bfd6ba
* vty: command.c: Get rid of huge indentation blockPau Espin Pedrol2019-06-111-84/+87
| | | | | | | Huge conditional block inside foor loop is negated in this patch together with a "continue" keyword. Change-Id: I9715734ed276f002fdc8c3b9742531ad36b2ef9e
* gsm48_decode_bcd_number2: fix ENOSPC edge caseOliver Smith2019-06-071-3/+13
| | | | | | | | | | | | | Return ENOSPC if the decoding buffer is one byte too small, instead of returning 0 and silently truncating the string. Add a new "truncated" variable to detect if the loop breaks in the final iteration. The string is not truncated if there is exactly one 0xf ('\0') higher nibble remaining. This is covered by the existing test case "long 15-digit (maximum) MSISDN, limited buffer". Related: OS#4049 Change-Id: Ie05900aca50cc7fe8a45d17844dbfcd905fd82fe
* fsm: Reduce amount of copy+pasted LOGPFSMSRC() statementsHarald Welte2019-06-051-17/+15
| | | | | | | | Instead of copy+pasting the same LOGPFSMSRC("State change to " ...) with slightly different trailer depending on the FSM timer, let's first snprintf() to a stack variable and then have a single log statement. Change-Id: I49528c4ca1fa11aef09c2092615dccca450b847c
* fsm: Allow millisecond granularity in osmo_fsm built-in timerHarald Welte2019-06-051-23/+31
| | | | | | | | | | | | | | | | | | | | | | | So far, the public API of osmo_fsm only allowed integral seconds as timeout. Let's change that to milli-seconds in order to cover more use cases. This introduces * osmo_fsm_inst_state_chg_ms() * osmo_fsm_inst_state_chg_keep_or_start_timer_ms() Which both work exactly like their previous counterparts without the _ms suffix - the only difference being that the timeout parameter is specified in milli-seconds, not in seconds. The value range for an unsigned long in milli-seconds even on a 32bit platform extends to about 48 days. This patch also removes the documentation notice about limiting the maximum value to 0x7fffffff due to time_t signed-ness. We don't use time_t but unsigned long. Change-Id: I35b330e460e80bb67376c77e997e464439ac5397
* lapd_core: Perform N200 retransmissions, not N200-1Harald Welte2019-06-051-4/+4
| | | | | | | | | | | | | | | During testing with BTS_Tests_LAPDm.TC_t200_n200() it was discovered that the existing LAPD[m] implementation always gave up at N200-1 retransmissions, rather than N200 retransmissions. The first transmission doesn't count, and hence we must have N200 actual re-transmissions. The Error message is then described as "T200 expired N200+1 times", i.e. we start T200 one more time after the last re-transmission and only give up if it expires again (i.e. no ACK received) Change-Id: Ic33854ee61311f73b7db55eeef10280349151097 Related: OS4037
* lapdm: Allow user to specify T200 values; Use correct N200 valuesHarald Welte2019-06-052-12/+76
| | | | | | | | | | | | | | | | | | TS 04.06 specifies a N200 re-transmission counter that depends on the channel type, which we didn't care about at all so far. Let's have the caller tell us the channel type so we can internally look up the correct N200 value for it. At the same time, permit the user to specify T200 re-transmission timer values for each SAPI on both DCCH and ACCH, which is required at least in the BTS as per GSM TS 12.21. Also, extend the timer resolution of the API from seconds to milli-seconds, which is more applicable as particularly on the FACCH the recommended values are in the 200ms range. Change-Id: I90fdc4dd4720d4e02213197c894eb0a55a39158c Related: OS#3906 Related: OS#2294 Related: OS#4037
* gsm0808_utils: Add gsm0808_decode_cell_id_u()Harald Welte2019-06-042-11/+59
| | | | | | | | | This function parses a single Cell ID list element into a 'union gsm0808_cell_id_u'. This function is going to be used by the upcoming CBSP support. Related: OS#3537 Change-Id: I08b33881667aa32f01e53ccb70d44d5b79c7c986
* make all library-internal static buffers thread-localHarald Welte2019-06-0413-33/+32
| | | | | | | | | | | | | | | We have a number of library-internal static global buffers which are mainly used for various stringification functions. This worked as all of the related Osmocom programs were strictly single-threaded. Let's make those buffers at least thread-local. This way every thread gets their own set of buffers, and it's safe for multiple threads to execute the same functions once. They're of course still not re-entrant. If you need re-entrancy, you will need to use the _c() or _buf() suffix version of those functions and work with your own (stack or heap) buffers. Change-Id: I50eb2436a7c1261d79a9d2955584dce92780ca07
* lapdm: Don't truncate L3 payload at 200 bytes lengthHarald Welte2019-06-021-1/+1
| | | | | | | | | 3GPP TS 04.06 is quite clear that the [segmented] L3 payload can be as long as 251 bytes. Our libosmocore lapdm implementation truncated already at 200 bytes :( Change-Id: I6769986f27dda1d429ed7b2e32c36d34663acba9 Closes: OS#4035
* socket.c: fix Doxygen doc for osmo_sock_unix_init_ofd()Vadim Yanitskiy2019-06-011-2/+2
| | | | | | One typo s/optionall/optionally/, and a few incorrect references. Change-Id: Iab42aa376b5cf4cf36413fede46e001c6b2d1525
* vty/command.c: cosmetic: add missing curly bracketsVadim Yanitskiy2019-06-011-2/+4
| | | | | | Otherwise it's a bit hard to read the code. Change-Id: I807ec71cfb67976251be844cdb2d2776b1837438
* gsm48_encode_bcd_number(): clarify optional LHV header initializationVadim Yanitskiy2019-05-291-1/+7
| | | | Change-Id: Iafd911dd55691b3715391e3899cd6971245c8d7f