diff --git a/common/utils/hashtable/hashtable.c b/common/utils/hashtable/hashtable.c
index 7b0fc422139c6bf566ea8c824924b5f40047c4d9..50c2ec83245bd5dc5d7ce69e89103c5c96c1f2a1 100644
--- a/common/utils/hashtable/hashtable.c
+++ b/common/utils/hashtable/hashtable.c
@@ -358,6 +358,7 @@ hashtable_rc_t hashtable_resize(hash_table_t *const hashtblP, const hash_size_t
newtbl.size = sizeP;
newtbl.hashfunc = hashtblP->hashfunc;
+ newtbl.num_elements = 0;
if(!(newtbl.nodes=calloc(sizeP, sizeof(hash_node_t *)))) return -1;
diff --git a/nfapi/oai_integration/nfapi_pnf.c b/nfapi/oai_integration/nfapi_pnf.c
index a4b83e613b3c5685ab574ce84c30aad521916c67..c835f38e115a449b6ede31168954873b52219288 100644
--- a/nfapi/oai_integration/nfapi_pnf.c
+++ b/nfapi/oai_integration/nfapi_pnf.c
@@ -540,6 +540,7 @@ int config_request(nfapi_pnf_config_t *config, nfapi_pnf_phy_config_t *phy, nfap
}
if(req->nfapi_config.earfcn.tl.tag == NFAPI_NFAPI_EARFCN_TAG) {
+ fp->eutra_band = 0;
fp->dl_CarrierFreq = from_earfcn(fp->eutra_band, req->nfapi_config.earfcn.value);
fp->ul_CarrierFreq = fp->dl_CarrierFreq - (get_uldl_offset(fp->eutra_band) * 1e5);
num_tlv++;
diff --git a/openair1/PHY/LTE_TRANSPORT/if5_tools.c b/openair1/PHY/LTE_TRANSPORT/if5_tools.c
index e84184d1e4a71d28d030b1f7a247b105cc7ed82b..9e31735f819a6720932f78e6d39124d9177bd6b7 100644
--- a/openair1/PHY/LTE_TRANSPORT/if5_tools.c
+++ b/openair1/PHY/LTE_TRANSPORT/if5_tools.c
@@ -327,6 +327,7 @@ void recv_IF5(RU_t *ru, openair0_timestamp *proc_timestamp, int subframe, uint16
uint16_t *j = NULL;
openair0_timestamp timestamp[spsf / spp_eth];
+ memset(timestamp, 0, sizeof(timestamp));
eth_state_t *eth = (eth_state_t*) (ru->ifdevice.priv);
VCD_SIGNAL_DUMPER_DUMP_FUNCTION_BY_NAME( VCD_SIGNAL_DUMPER_FUNCTIONS_RECV_IF5, 1 );
@@ -606,7 +607,7 @@ void recv_IF5(RU_t *ru, openair0_timestamp *proc_timestamp, int subframe, uint16
}
}
#endif
-
+ free(rx_buffer);
}
diff --git a/openair1/PHY/LTE_TRANSPORT/pcfich.c b/openair1/PHY/LTE_TRANSPORT/pcfich.c
index 18a156c3fbc004f0421c67eb635c08102833d5e8..3646732ce3b74b2c167e39ae852fd9f88ada3a42 100644
--- a/openair1/PHY/LTE_TRANSPORT/pcfich.c
+++ b/openair1/PHY/LTE_TRANSPORT/pcfich.c
@@ -83,6 +83,8 @@ void generate_pcfich(uint8_t num_pdcch_symbols,
subframe,num_pdcch_symbols,amp,frame_parms->nb_antenna_ports_eNB,frame_parms->Ncp);
#endif
+ memset(pcfich_bt, 0, sizeof(pcfich_bt));
+
// scrambling
if ((num_pdcch_symbols>0) && (num_pdcch_symbols<4))
pcfich_scrambling(frame_parms,subframe,pcfich_b[num_pdcch_symbols-1],pcfich_bt);
diff --git a/openair1/SIMULATION/ETH_TRANSPORT/netlink_init.c b/openair1/SIMULATION/ETH_TRANSPORT/netlink_init.c
index df9114336fcebaf8dcf54604bff864297b7843d0..396c76f8e61bdb344034b22a0673fbfc235a039a 100644
--- a/openair1/SIMULATION/ETH_TRANSPORT/netlink_init.c
+++ b/openair1/SIMULATION/ETH_TRANSPORT/netlink_init.c
@@ -81,7 +81,7 @@ static int tun_alloc(char *dev) {
ifr.ifr_flags = IFF_TUN | IFF_NO_PI;
if( *dev )
- strncpy(ifr.ifr_name, dev, IFNAMSIZ);
+ strncpy(ifr.ifr_name, dev, sizeof(ifr.ifr_name)-1);
if( (err = ioctl(fd, TUNSETIFF, (void *) &ifr)) < 0 ) {
close(fd);
diff --git a/openair2/COMMON/s1ap_messages_types.h b/openair2/COMMON/s1ap_messages_types.h
index 2ea8237184fa96462c3fffe17f7877b3f2200db5..2615494d3b6168d882c2a697a2ead53d7cbdf06b 100644
--- a/openair2/COMMON/s1ap_messages_types.h
+++ b/openair2/COMMON/s1ap_messages_types.h
@@ -22,6 +22,7 @@
#ifndef S1AP_MESSAGES_TYPES_H_
#define S1AP_MESSAGES_TYPES_H_
+#include "LTE_asn_constant.h"
//-------------------------------------------------------------------------------------------//
// Defines to access message fields.
@@ -62,7 +63,7 @@
/* Maximum number of e-rabs to be setup/deleted in a single message.
* Even if only one bearer will be modified by message.
*/
-#define S1AP_MAX_E_RAB 11
+#define S1AP_MAX_E_RAB (LTE_maxDRB + 3)
/* Length of the transport layer address string
* 160 bits / 8 bits by char.
diff --git a/openair2/ENB_APP/CONTROL_MODULES/MAC/flexran_agent_mac.c b/openair2/ENB_APP/CONTROL_MODULES/MAC/flexran_agent_mac.c
index 656cedfe6254b6ce95141b16e06a0142e5cecb90..45ac61a92779a43d200017fa16cf1799cbac9395 100644
--- a/openair2/ENB_APP/CONTROL_MODULES/MAC/flexran_agent_mac.c
+++ b/openair2/ENB_APP/CONTROL_MODULES/MAC/flexran_agent_mac.c
@@ -192,8 +192,14 @@ int flexran_agent_mac_stats_reply(mid_t mod_id,
for (j = 0; j < dl_report->n_csi_report; j++) {
csi_reports[j] = malloc(sizeof(Protocol__FlexDlCsi));
- if (csi_reports[j] == NULL)
+ if (csi_reports[j] == NULL) {
+ for (k = 0; k < j; k++) {
+ free(csi_reports[k]);
+ }
+ free(csi_reports);
+ csi_reports = NULL;
goto error;
+ }
protocol__flex_dl_csi__init(csi_reports[j]);
//The servCellIndex for this report
csi_reports[j]->serv_cell_index = j;
@@ -213,8 +219,14 @@ int flexran_agent_mac_stats_reply(mid_t mod_id,
Protocol__FlexCsiP10 *csi10;
csi10 = malloc(sizeof(Protocol__FlexCsiP10));
- if (csi10 == NULL)
- goto error;
+ if (csi10 == NULL) {
+ for (k = 0; k <= j; k++) {
+ free(csi_reports[k]);
+ }
+ free(csi_reports);
+ csi_reports = NULL;
+ goto error;
+ }
protocol__flex_csi_p10__init(csi10);
//TODO: set the wideband value
// NN: this is also depends on cc_id
@@ -229,8 +241,14 @@ int flexran_agent_mac_stats_reply(mid_t mod_id,
Protocol__FlexCsiP11 *csi11;
csi11 = malloc(sizeof(Protocol__FlexCsiP11));
- if (csi11 == NULL)
- goto error;
+ if (csi11 == NULL) {
+ for (k = 0; k <= j; k++) {
+ free(csi_reports[k]);
+ }
+ free(csi_reports);
+ csi_reports = NULL;
+ goto error;
+ }
protocol__flex_csi_p11__init(csi11);
csi11->wb_cqi = malloc(sizeof(csi11->wb_cqi));
@@ -274,8 +292,14 @@ int flexran_agent_mac_stats_reply(mid_t mod_id,
Protocol__FlexCsiP20 *csi20;
csi20 = malloc(sizeof(Protocol__FlexCsiP20));
- if (csi20 == NULL)
- goto error;
+ if (csi20 == NULL) {
+ for (k = 0; k <= j; k++) {
+ free(csi_reports[k]);
+ }
+ free(csi_reports);
+ csi_reports = NULL;
+ goto error;
+ }
protocol__flex_csi_p20__init(csi20);
csi20->wb_cqi = flexran_get_ue_wcqi (enb_id, UE_id);
@@ -417,7 +441,12 @@ int flexran_agent_mac_stats_reply(mid_t mod_id,
for (j = 0; j < paging_report->n_paging_info; j++) {
p_info[j] = malloc(sizeof(Protocol__FlexPagingInfo));
- if(p_info[j] == NULL){
+ if (p_info[j] == NULL) {
+ for (k = 0; k < j; k++) {
+ free(p_info[k]);
+ }
+ free(p_info);
+ p_info = NULL;
free(paging_report);
goto error;
}
diff --git a/openair2/ENB_APP/CONTROL_MODULES/MAC/flexran_agent_mac_internal.c b/openair2/ENB_APP/CONTROL_MODULES/MAC/flexran_agent_mac_internal.c
index 2a7d1fe186d06b62aadbb50e17a926756db9719a..30c10940c99fb8496e12b197c8a641baa7a211c2 100644
--- a/openair2/ENB_APP/CONTROL_MODULES/MAC/flexran_agent_mac_internal.c
+++ b/openair2/ENB_APP/CONTROL_MODULES/MAC/flexran_agent_mac_internal.c
@@ -361,6 +361,14 @@ Protocol__FlexDlCqiReport * copy_dl_cqi_report(Protocol__FlexDlCqiReport * origi
error:
/*TODO: Must free memory properly*/
+ if (dl_report != NULL) {
+ if (csi_reports != NULL) {
+ free(csi_reports);
+ csi_reports = NULL;
+ }
+ free(dl_report);
+ dl_report = NULL;
+ }
return NULL;
}
@@ -555,6 +563,74 @@ Protocol__FlexDlCsi * copy_csi_report(Protocol__FlexDlCsi * original) {
return copy;
error:
+ if (copy != NULL) {
+ if ((copy->p11csi != NULL) && (copy->p11csi->wb_cqi != NULL)) {
+ free(copy->p11csi->wb_cqi);
+ copy->p11csi->wb_cqi = NULL;
+ }
+ if (copy->p21csi != NULL) {
+ if (copy->p21csi->wb_cqi != NULL) {
+ free(copy->p21csi->wb_cqi);
+ copy->p21csi->wb_cqi = NULL;
+ }
+ if (copy->p21csi->sb_cqi != NULL) {
+ free(copy->p21csi->sb_cqi);
+ copy->p21csi->sb_cqi = NULL;
+ }
+ }
+ if (copy->a12csi != NULL) {
+ if (copy->a12csi->wb_cqi != NULL) {
+ free(copy->a12csi->wb_cqi);
+ copy->a12csi->wb_cqi = NULL;
+ }
+ if (copy->a12csi->sb_pmi != NULL) {
+ free(copy->a12csi->sb_pmi);
+ copy->a12csi->sb_pmi = NULL;
+ }
+ }
+ if (copy->a22csi != NULL) {
+ if (copy->a22csi->wb_cqi != NULL) {
+ free(copy->a22csi->wb_cqi);
+ copy->a22csi->wb_cqi = NULL;
+ }
+ if (copy->a22csi->sb_cqi != NULL) {
+ free(copy->a22csi->sb_cqi);
+ copy->a22csi->sb_cqi = NULL;
+ }
+ if (copy->a22csi->sb_list != NULL) {
+ free(copy->a22csi->sb_list);
+ copy->a22csi->sb_list = NULL;
+ }
+ }
+ if ((copy->a20csi != NULL) && (copy->a20csi->sb_list != NULL)) {
+ free(copy->a20csi->sb_list);
+ copy->a20csi->sb_list = NULL;
+ }
+ if ((copy->a30csi != NULL) && (copy->a30csi->sb_cqi != NULL)) {
+ free(copy->a30csi->sb_cqi);
+ copy->a30csi->sb_cqi = NULL;
+ }
+ if (copy->a31csi != NULL) {
+ if (copy->a31csi->wb_cqi != NULL) {
+ free(copy->a31csi->wb_cqi);
+ copy->a31csi->wb_cqi = NULL;
+ }
+ if (copy->a31csi->sb_cqi != NULL) {
+ for (i = 0; i < copy->a31csi->n_sb_cqi; i++) {
+ if (copy->a31csi->sb_cqi[i] != NULL) {
+ if (copy->a31csi->sb_cqi[i]->sb_cqi != NULL) {
+ free(copy->a31csi->sb_cqi[i]->sb_cqi);
+ }
+ free(copy->a31csi->sb_cqi[i]);
+ }
+ }
+ free(copy->a31csi->sb_cqi);
+ copy->a31csi->sb_cqi = NULL;
+ }
+ }
+ free(copy);
+ copy = NULL;
+ }
return NULL;
}
@@ -1650,6 +1726,10 @@ int apply_ue_slice_assoc_update(mid_t mod_id)
int changes = 0;
for (i = 0; i < n_ue_slice_assoc_updates; i++) {
int ue_id = find_UE_id(mod_id, ue_slice_assoc_update[i]->rnti);
+ if (ue_id < 0 || ue_id > MAX_MOBILES_PER_ENB){
+ LOG_E(FLEXRAN_AGENT,"UE_id %d is wrong!!\n",ue_id);
+ continue;
+ }
if (ue_slice_assoc_update[i]->has_dl_slice_id) {
int slice_idx = flexran_find_dl_slice(mod_id, ue_slice_assoc_update[i]->dl_slice_id);
if (flexran_dl_slice_exists(mod_id, slice_idx)) {
diff --git a/openair2/ENB_APP/CONTROL_MODULES/RRC/flexran_agent_rrc.c b/openair2/ENB_APP/CONTROL_MODULES/RRC/flexran_agent_rrc.c
index dfc50683ff51baa5890263628066ee780e63ef39..fc8a9ba337c17599c250ed78621cf821bbfabfc1 100644
--- a/openair2/ENB_APP/CONTROL_MODULES/RRC/flexran_agent_rrc.c
+++ b/openair2/ENB_APP/CONTROL_MODULES/RRC/flexran_agent_rrc.c
@@ -400,8 +400,11 @@ int flexran_agent_rrc_stats_reply(mid_t mod_id,
/* Target Cell, Neghibouring*/
Protocol__FlexNeighCellsMeasurements *neigh_meas;
neigh_meas = malloc(sizeof(Protocol__FlexNeighCellsMeasurements));
- if (neigh_meas == NULL)
+ if (neigh_meas == NULL) {
+ free(rrc_measurements);
+ rrc_measurements = NULL;
goto error;
+ }
protocol__flex_neigh_cells_measurements__init(neigh_meas);
@@ -412,8 +415,12 @@ int flexran_agent_rrc_stats_reply(mid_t mod_id,
if (neigh_meas->n_eutra_meas > 0){
eutra_meas = malloc(sizeof(Protocol__FlexEutraMeasurements) * neigh_meas->n_eutra_meas);
- if (eutra_meas == NULL)
+ if (eutra_meas == NULL) {
+ free(neigh_meas);
+ free(rrc_measurements);
+ rrc_measurements = NULL;
goto error;
+ }
for (int j = 0; j < neigh_meas->n_eutra_meas; j++ ){
@@ -423,6 +430,9 @@ int flexran_agent_rrc_stats_reply(mid_t mod_id,
free(eutra_meas[k]);
}
free(eutra_meas);
+ free(neigh_meas);
+ free(rrc_measurements);
+ rrc_measurements = NULL;
goto error;
}
@@ -453,6 +463,8 @@ int flexran_agent_rrc_stats_reply(mid_t mod_id,
rrc_measurements->neigh_meas = neigh_meas;
+ } else {
+ free(neigh_meas);
}
ue_report[i]->rrc_measurements = rrc_measurements;
diff --git a/openair2/ENB_APP/flexran_agent_common.c b/openair2/ENB_APP/flexran_agent_common.c
index 16f74ccd2f89440a151a9e947115870c985dcf51..5cbcee370a8cd71a86ff630b8633527ad0b38127 100644
--- a/openair2/ENB_APP/flexran_agent_common.c
+++ b/openair2/ENB_APP/flexran_agent_common.c
@@ -818,6 +818,8 @@ int flexran_agent_rrc_measurement(mid_t mod_id, const void *params, Protocol__Fl
flexran_rrc_eNB_generate_defaultRRCConnectionReconfiguration(&ctxt, ue_context_p, 0, reconf_param);
}
*msg = NULL;
+ free(reconf_param);
+ reconf_param = NULL;
return 0;
}
diff --git a/openair2/ENB_APP/flexran_agent_handler.c b/openair2/ENB_APP/flexran_agent_handler.c
index 0c2c32e4d65d3312e98e889b5d2de2388a5c7047..6c2e6429eb5ec4f73eaa954f621ef2b3867f2a88 100644
--- a/openair2/ENB_APP/flexran_agent_handler.c
+++ b/openair2/ENB_APP/flexran_agent_handler.c
@@ -745,11 +745,14 @@ err_code_t flexran_agent_enable_cont_stats_update(mid_t mod_id,
Protocol__FlexranMessage *req_msg = NULL;
flexran_agent_stats_request(mod_id, xid, stats_req, &req_msg);
- stats_context[mod_id].stats_req = req_msg;
- stats_context[mod_id].prev_stats_reply = NULL;
- stats_context[mod_id].cont_update = 1;
- stats_context[mod_id].xid = xid;
+ if (req_msg != NULL) {
+ stats_context[mod_id].stats_req = req_msg;
+ stats_context[mod_id].prev_stats_reply = NULL;
+
+ stats_context[mod_id].cont_update = 1;
+ stats_context[mod_id].xid = xid;
+ }
if (pthread_mutex_unlock(stats_context[mod_id].mutex)) {
goto error;
diff --git a/openair2/ENB_APP/flexran_agent_task_manager.c b/openair2/ENB_APP/flexran_agent_task_manager.c
index 088ec618c7b3ba7b270faf84c1b90c28e486ed28..4a0fee1f5b8cba2ea81214b9accc4bdca63b10fd 100644
--- a/openair2/ENB_APP/flexran_agent_task_manager.c
+++ b/openair2/ENB_APP/flexran_agent_task_manager.c
@@ -77,6 +77,7 @@ flexran_agent_task_queue_t *flexran_agent_task_queue_init(mid_t mod_id, size_t c
if (queue == NULL)
goto error;
+ queue->mutex = NULL;
/* If no comparator was given, use the default one */
if (cmp == NULL)
queue->cmp = _flexran_agent_task_queue_cmp;
diff --git a/openair2/F1AP/f1ap_cu_interface_management.c b/openair2/F1AP/f1ap_cu_interface_management.c
index 941dc41a4deb816d30e01503d9d7963c0d90b274..48c5c2de1106fdfdc28c5fa96db7671f9f7fda21 100644
--- a/openair2/F1AP/f1ap_cu_interface_management.c
+++ b/openair2/F1AP/f1ap_cu_interface_management.c
@@ -248,6 +248,7 @@ int CU_handle_F1_SETUP_REQUEST(instance_t instance,
itti_send_msg_to_task(TASK_RRC_ENB, ENB_MODULE_ID_TO_INSTANCE(instance), message_p);
} else {
CU_send_F1_SETUP_FAILURE(instance);
+ itti_free(TASK_RRC_ENB,message_p);
return -1;
}
return 0;
@@ -370,6 +371,8 @@ int CU_send_F1_SETUP_RESPONSE(instance_t instance,
cells_to_be_activated_list_itemExtIEs);
cells_to_be_activated_list_item.iE_Extensions = (struct F1AP_ProtocolExtensionContainer*)&p_160P9_t;
+ free(gNB_CUSystemInformation);
+ gNB_CUSystemInformation = NULL;
}
/* ADD */
cells_to_be_activated_list_item_ies->value.choice.Cells_to_be_Activated_List_Item = cells_to_be_activated_list_item;
diff --git a/openair2/F1AP/f1ap_cu_rrc_message_transfer.c b/openair2/F1AP/f1ap_cu_rrc_message_transfer.c
index f32d5c8ed06b5717c6ea21c9772b5021901ba9e5..9bd04cc5e83f5dc626086ae18293e238cc0a6087 100644
--- a/openair2/F1AP/f1ap_cu_rrc_message_transfer.c
+++ b/openair2/F1AP/f1ap_cu_rrc_message_transfer.c
@@ -143,6 +143,7 @@ int CU_handle_INITIAL_UL_RRC_MESSAGE_TRANSFER(instance_t instance,
int f1ap_uid = f1ap_add_ue(&f1ap_cu_inst[rrc_inst], rrc_inst, CC_id, 0, rnti);
if (f1ap_uid < 0 ) {
LOG_E(F1AP, "Failed to add UE \n");
+ itti_free(ITTI_MSG_ORIGIN_ID(message_p), message_p);
return -1;
}
f1ap_cu_inst[rrc_inst].f1ap_ue[f1ap_uid].du_ue_f1ap_id = du_ue_f1ap_id;
diff --git a/openair2/F1AP/f1ap_du_rrc_message_transfer.c b/openair2/F1AP/f1ap_du_rrc_message_transfer.c
index fbc146f1a56e1b0e8ea83fc76c824879336f74df..19e06c860080c991445471d72c11fdc2cf3709f0 100644
--- a/openair2/F1AP/f1ap_du_rrc_message_transfer.c
+++ b/openair2/F1AP/f1ap_du_rrc_message_transfer.c
@@ -398,6 +398,9 @@ int DU_handle_DL_RRC_MESSAGE_TRANSFER(instance_t instance,
LTE_SRB_ToAddModList_t *SRB_configList = rrcConnectionReconfiguration_r8->radioResourceConfigDedicated->srb_ToAddModList;
LTE_DRB_ToReleaseList_t *DRB_ReleaseList = rrcConnectionReconfiguration_r8->radioResourceConfigDedicated->drb_ToReleaseList;
LTE_MAC_MainConfig_t *mac_MainConfig = NULL;
+ for (i = 0; i< 8; i++){
+ DRB2LCHAN[i] = 0;
+ }
if (rrcConnectionReconfiguration_r8->radioResourceConfigDedicated->mac_MainConfig)
mac_MainConfig = &rrcConnectionReconfiguration_r8->radioResourceConfigDedicated->mac_MainConfig->choice.explicitValue;
LTE_MeasGapConfig_t *measGapConfig = NULL;
diff --git a/openair2/LAYER2/MAC/config.c b/openair2/LAYER2/MAC/config.c
index 62c6c436308fbe17ee449def340224b17f23061d..ba1c1832cda208534df1b5bc7a5bef68ebddc048 100644
--- a/openair2/LAYER2/MAC/config.c
+++ b/openair2/LAYER2/MAC/config.c
@@ -144,6 +144,8 @@ uint32_t to_earfcn(int eutra_bandP, uint32_t dl_CarrierFreq, uint32_t bw) {
for (i = 0; i < BANDTABLE_SIZE && eutra_bandtable[i].band != eutra_bandP; i++);
+ AssertFatal(i < BANDTABLE_SIZE, "i %d >= BANDTABLE_SIZE %ld\n", i, BANDTABLE_SIZE);
+
AssertFatal(dl_CarrierFreq_by_100k >= eutra_bandtable[i].dl_min,
"Band %d, bw %u : DL carrier frequency %u Hz < %u\n",
eutra_bandP, bw, dl_CarrierFreq,
@@ -165,6 +167,7 @@ uint32_t to_earfcn_DL(int eutra_bandP, long long int dl_CarrierFreq, uint32_t bw
for (i = 0; i < BANDTABLE_SIZE && eutra_bandtable[i].band != eutra_bandP; i++);
+ AssertFatal(i < BANDTABLE_SIZE, "i = %d , it will trigger out-of-bounds read.\n",i);
AssertFatal(dl_CarrierFreq_by_100k >= eutra_bandtable[i].dl_min,
"Band %d, bw %u : DL carrier frequency %lld Hz < %u\n",
eutra_bandP, bw, dl_CarrierFreq,
@@ -186,6 +189,7 @@ uint32_t to_earfcn_UL(int eutra_bandP, long long int ul_CarrierFreq, uint32_t bw
for (i = 0; i < BANDTABLE_SIZE && eutra_bandtable[i].band != eutra_bandP; i++);
+ AssertFatal(i < BANDTABLE_SIZE, "i = %d , it will trigger out-of-bounds read.\n",i);
AssertFatal(ul_CarrierFreq_by_100k >= eutra_bandtable[i].ul_min,
"Band %d, bw %u : UL carrier frequency %lld Hz < %u\n",
eutra_bandP, bw, ul_CarrierFreq,
@@ -205,6 +209,8 @@ uint32_t from_earfcn(int eutra_bandP, uint32_t dl_earfcn) {
for (i = 0; i < BANDTABLE_SIZE && eutra_bandtable[i].band != eutra_bandP; i++);
+ AssertFatal(i < BANDTABLE_SIZE, "i %d >= BANDTABLE_SIZE %ld\n", i, BANDTABLE_SIZE);
+
return (eutra_bandtable[i].dl_min +
(dl_earfcn - (eutra_bandtable[i].N_OFFs_DL / 10))) * 100000;
}
@@ -215,6 +221,8 @@ int32_t get_uldl_offset(int eutra_bandP) {
for (i = 0; i < BANDTABLE_SIZE && eutra_bandtable[i].band != eutra_bandP; i++);
+ AssertFatal(i < BANDTABLE_SIZE, "i %d >= BANDTABLE_SIZE %ld\n", i, BANDTABLE_SIZE);
+
return (eutra_bandtable[i].dl_min - eutra_bandtable[i].ul_min);
}
diff --git a/openair2/LAYER2/MAC/eNB_scheduler_fairRR.c b/openair2/LAYER2/MAC/eNB_scheduler_fairRR.c
index 2626a0466496310b6f612e7c9359c272912b3d65..4c2e0b46a2827af6a08d56abeeb5e5985a0d5b8f 100644
--- a/openair2/LAYER2/MAC/eNB_scheduler_fairRR.c
+++ b/openair2/LAYER2/MAC/eNB_scheduler_fairRR.c
@@ -3014,8 +3014,9 @@ void schedule_ulsch_rnti_fairRR(module_id_t module_idP,
UE_list->eNB_UE_stats[CC_id][UE_id].ulsch_TBS=UE_template->TBS_UL[harq_pid];
if (mac_eNB_get_rrc_status(module_idP,rnti) < RRC_CONNECTED)
- LOG_D(MAC,"[eNB %d][PUSCH %d/%x] CC_id %d Frame %d subframeP %d Scheduled UE %d (mcs %d, first rb %d, nb_rb %d, rb_table_index %d, TBS %d, harq_pid %d)\n",
- module_idP,harq_pid,rnti,CC_id,frameP,subframeP,UE_id,mcs_rv,first_rb[CC_id],rb_table[rb_table_index],rb_table_index,UE_template->TBS_UL[harq_pid],harq_pid);
+ LOG_D(MAC,"[eNB %d][PUSCH %d/%x] CC_id %d Frame %d subframeP %d Scheduled UE %d (mcs %d, first rb %d, nb_rb %d, TBS %d, harq_pid %d)\n",
+ module_idP,harq_pid,rnti,CC_id,frameP,subframeP,UE_id,mcs_rv,first_rb[CC_id],ulsch_ue_select[CC_id].list[ulsch_ue_num].nb_rb,UE_template->TBS_UL[harq_pid],harq_pid);
+
// bad indices : 20 (40 PRB), 21 (45 PRB), 22 (48 PRB)
//store for possible retransmission
diff --git a/openair2/LAYER2/MAC/eNB_scheduler_mch.c b/openair2/LAYER2/MAC/eNB_scheduler_mch.c
index faf36026d62e8346a0adac000a01125bb4f2b5e3..cf358752e88f2ec96585f335bab49a583dde1a20 100644
--- a/openair2/LAYER2/MAC/eNB_scheduler_mch.c
+++ b/openair2/LAYER2/MAC/eNB_scheduler_mch.c
@@ -65,7 +65,7 @@ get_mbsfn_sf_alloction(module_id_t module_idP, uint8_t CC_id,
uint8_t mbsfn_sync_area)
{
// currently there is one-to-one mapping between sf allocation pattern and sync area
- if (mbsfn_sync_area > MAX_MBSFN_AREA) {
+ if (mbsfn_sync_area >= MAX_MBSFN_AREA) {
LOG_W(MAC,
"[eNB %d] CC_id %d MBSFN synchronization area %d out of range\n ",
module_idP, CC_id, mbsfn_sync_area);
diff --git a/openair2/LAYER2/MAC/eNB_scheduler_primitives.c b/openair2/LAYER2/MAC/eNB_scheduler_primitives.c
index afeb151f9aea67de11b08242672176469f4b4833..85fd84a305c4b5c22bada80b89980d6d95201d65 100644
--- a/openair2/LAYER2/MAC/eNB_scheduler_primitives.c
+++ b/openair2/LAYER2/MAC/eNB_scheduler_primitives.c
@@ -5139,8 +5139,8 @@ nack_or_dtx_reported(COMMON_channels_t *cc,
if (cc->tdd_Config) {
nfapi_harq_indication_tdd_rel13_t *hi = &harq_pdu->harq_indication_tdd_rel13;
- for (i = 0; i < hi->number_of_ack_nack; hi++) {
- if (hi->harq_data[0].bundling.value_0 != 1) //only bundling is used for tdd for now
+ for (i = 0; i < hi->number_of_ack_nack; i++) {
+ if (hi->harq_data[i].bundling.value_0 != 1) //only bundling is used for tdd for now
return 1;
}
@@ -5149,7 +5149,7 @@ nack_or_dtx_reported(COMMON_channels_t *cc,
nfapi_harq_indication_fdd_rel13_t *hi = &harq_pdu->harq_indication_fdd_rel13;
- for (i = 0; i < hi->number_of_ack_nack; hi++) {
+ for (i = 0; i < hi->number_of_ack_nack; i++) {
if (hi->harq_tb_n[i] != 1)
return 1;
}
diff --git a/openair2/LAYER2/MAC/pre_processor.c b/openair2/LAYER2/MAC/pre_processor.c
index f68db9ffec26af251aefb555e435347902f8cb10..a162dd5bd611dbe5f1b97de1649cd3437ef245b5 100644
--- a/openair2/LAYER2/MAC/pre_processor.c
+++ b/openair2/LAYER2/MAC/pre_processor.c
@@ -280,6 +280,8 @@ maxround(module_id_t Mod_id, uint16_t rnti, int frame,
for (CC_id = 0; CC_id < RC.nb_mac_CC[Mod_id]; CC_id++) {
cc = &RC.mac[Mod_id]->common_channels[CC_id];
UE_id = find_UE_id(Mod_id, rnti);
+ if(UE_id == -1)
+ continue;
harq_pid = frame_subframe2_dl_harq_pid(cc->tdd_Config,frame,subframe);
round = UE_list->UE_sched_ctrl[UE_id].round[CC_id][harq_pid];
@@ -302,6 +304,8 @@ maxround_ul(module_id_t Mod_id, uint16_t rnti, int sched_frame,
for (CC_id = 0; CC_id < RC.nb_mac_CC[Mod_id]; CC_id++) {
cc = &RC.mac[Mod_id]->common_channels[CC_id];
UE_id = find_UE_id(Mod_id, rnti);
+ if(UE_id == -1)
+ continue;
harq_pid = subframe2harqpid(cc, sched_frame, sched_subframe);
round = UE_list->UE_sched_ctrl[UE_id].round_UL[CC_id][harq_pid];
diff --git a/openair2/LAYER2/PDCP_v10.1.0/pdcp_fifo.c b/openair2/LAYER2/PDCP_v10.1.0/pdcp_fifo.c
index b2a7e9ddfc56dde1f7df36c2ca9fd783509b5459..dc1799ccb625f7e22fe66e0d8f5d600574ad1a64 100644
--- a/openair2/LAYER2/PDCP_v10.1.0/pdcp_fifo.c
+++ b/openair2/LAYER2/PDCP_v10.1.0/pdcp_fifo.c
@@ -504,7 +504,7 @@ void pdcp_fifo_read_input_sdus_frompc5s (const protocol_ctxt_t *const ctxt_pP)
//int optval;
int bytes_received;
sidelink_pc5s_element *sl_pc5s_msg_send = NULL;
- pc5s_header_t *pc5s_header;
+ pc5s_header_t *pc5s_header = NULL;
rb_id_t rab_id = 0;
//TTN for D2D (PC5S)
// receive a message from ProSe App
@@ -680,6 +680,10 @@ void pdcp_fifo_read_input_sdus_frompc5s (const protocol_ctxt_t *const ctxt_pP)
break;
} /* end of switch */
}/* end of bytes_received > 0 */
+ if (pc5s_header != NULL) {
+ free(pc5s_header);
+ pc5s_header = NULL;
+ }
} /* pdcp_fifo_read_input_sdus_frompc5s */
//-----------------------------------------------------------------------------
diff --git a/openair2/LAYER2/RLC/AM_v9.3.0/rlc_am.c b/openair2/LAYER2/RLC/AM_v9.3.0/rlc_am.c
index 30173b62ffacf81ebead5d3edca31e941a5b54e9..5f6e15d281efe5f819aafc1af2c6d05a80e8fc2e 100644
--- a/openair2/LAYER2/RLC/AM_v9.3.0/rlc_am.c
+++ b/openair2/LAYER2/RLC/AM_v9.3.0/rlc_am.c
@@ -811,6 +811,7 @@ rlc_am_mac_data_request (
tb_p = tb_p->next;
} /* while */
} /* MESSAGE_CHART_GENERATOR && data_req.data.nb_elements > 0 */
+ data_req.buffer_occupancy_in_pdus = 0;
return data_req;
}
diff --git a/openair2/LAYER2/RLC/TM_v9.3.0/rlc_tm.c b/openair2/LAYER2/RLC/TM_v9.3.0/rlc_tm.c
index dbd1469590c40a2950c18f717114f4aff11b673b..e481550a4604dd508575ba89271b5c71764a881a 100644
--- a/openair2/LAYER2/RLC/TM_v9.3.0/rlc_tm.c
+++ b/openair2/LAYER2/RLC/TM_v9.3.0/rlc_tm.c
@@ -161,6 +161,7 @@ rlc_tm_mac_status_indication (
status_resp.buffer_occupancy_in_bytes = ((rlc_tm_entity_t *) rlc_pP)->buffer_occupancy;
status_resp.buffer_occupancy_in_pdus = status_resp.buffer_occupancy_in_bytes / ((rlc_tm_entity_t *) rlc_pP)->rlc_pdu_size;
status_resp.rlc_info.rlc_protocol_state = ((rlc_tm_entity_t *) rlc_pP)->protocol_state;
+ status_resp.head_sdu_creation_time = 0;
return status_resp;
}
@@ -185,6 +186,7 @@ rlc_tm_mac_data_request (
PROTOCOL_RLC_TM_CTXT_ARGS(ctxt_pP, rlc_p),
data_req.data.nb_elements);
}
+ data_req.ue_id_type_indicator = 0;
return data_req;
}
diff --git a/openair2/LAYER2/RLC/UM_v9.3.0/rlc_um.c b/openair2/LAYER2/RLC/UM_v9.3.0/rlc_um.c
index b59a6025f51bc2e3748e65355293af5bc4eb0eae..66a544f96287c20a875d69277780e7cb1d4f2940 100644
--- a/openair2/LAYER2/RLC/UM_v9.3.0/rlc_um.c
+++ b/openair2/LAYER2/RLC/UM_v9.3.0/rlc_um.c
@@ -582,6 +582,7 @@ rlc_um_mac_data_request (const protocol_ctxt_t *const ctxt_pP, void *rlc_pP,cons
} /* while (tb_p != NULL) */
} /* if (data_req.data.nb_elements > 0) */
+ data_req.buffer_occupancy_in_pdus = 0;
return data_req;
}
diff --git a/openair2/LAYER2/RLC/UM_v9.3.0/rlc_um_dar.c b/openair2/LAYER2/RLC/UM_v9.3.0/rlc_um_dar.c
index a0569b7f00d4f8c456b6c3840dbe7a193dc9d064..f37626ae4c51f8b4a3c17db863b7c53e9abf8136 100644
--- a/openair2/LAYER2/RLC/UM_v9.3.0/rlc_um_dar.c
+++ b/openair2/LAYER2/RLC/UM_v9.3.0/rlc_um_dar.c
@@ -1038,6 +1038,8 @@ rlc_um_receive_process_dar (
sn = pdu_pP->b1 & 0x1F;
} else {
free_mem_block(pdu_mem_pP, __func__);
+ pdu_mem_pP = NULL;
+ return;
}
RLC_UM_MUTEX_LOCK(&rlc_pP->lock_dar_buffer, ctxt_pP, rlc_pP);
diff --git a/openair2/RRC/LTE/MESSAGES/asn1_msg.c b/openair2/RRC/LTE/MESSAGES/asn1_msg.c
index b28a3cee50fdd0a02d2a3625ed8a7e9a867ca0b7..ecb21dae6cf68f3f81d1f9fb87e61c54670508ce 100644
--- a/openair2/RRC/LTE/MESSAGES/asn1_msg.c
+++ b/openair2/RRC/LTE/MESSAGES/asn1_msg.c
@@ -4517,6 +4517,7 @@ uint8_t do_MeasurementReport(uint8_t Mod_id, uint8_t *buffer,int measid,int phy_
meas2.rsrpResult=&(rsrp_t);
//&rsrp_va;
meas2.rsrqResult=&(rsrq_t);
+ meas2.ext1 = NULL;
measresulteutra2->measResult=meas2;
ASN_SEQUENCE_ADD(&measResultListEUTRA2->list,measresulteutra2);
measurementReport->criticalExtensions.choice.c1.choice.measurementReport_r8.measResults.measResultNeighCells->choice.measResultListEUTRA=*(measResultListEUTRA2);
@@ -4534,9 +4535,14 @@ uint8_t do_MeasurementReport(uint8_t Mod_id, uint8_t *buffer,int measid,int phy_
if(enc_rval.encoded == -1) {
LOG_I(RRC, "[eNB AssertFatal]ASN1 message encoding failed (%s, %lu)!\n",
enc_rval.failed_type->name, enc_rval.encoded);
+ free(measResultListEUTRA2);
+ measResultListEUTRA2 = NULL;
return -1;
}
+ free(measResultListEUTRA2);
+ measResultListEUTRA2 = NULL;
+
return((enc_rval.encoded+7)/8);
}
diff --git a/openair2/RRC/LTE/rrc_eNB.c b/openair2/RRC/LTE/rrc_eNB.c
index a2eb2e158dfe34a5ef8511ce18c7507a3efb4312..230b9511f0df195478bfb8f8ed1bffe526d78111 100644
--- a/openair2/RRC/LTE/rrc_eNB.c
+++ b/openair2/RRC/LTE/rrc_eNB.c
@@ -2381,6 +2381,12 @@ rrc_eNB_generate_dedicatedRRCConnectionReconfiguration(const protocol_ctxt_t *co
ue_context_pP->ue_context.e_rab[i].status = E_RAB_STATUS_FAILED;
ue_context_pP->ue_context.e_rab[i].xid = xid;
e_rab_done++;
+ free(DRB_pdcp_config->discardTimer);
+ free(DRB_pdcp_config);
+ free(DRB_rlc_config);
+ free(DRB_config->logicalChannelIdentity);
+ free(DRB_config->eps_BearerIdentity);
+ free(DRB_config);
continue;
}
@@ -3542,6 +3548,21 @@ void rrc_eNB_generate_defaultRRCConnectionReconfiguration(const protocol_ctxt_t
size,
buffer,
PDCP_TRANSMISSION_MODE_CONTROL);
+
+ free(Sparams);
+ Sparams = NULL;
+
+ free(quantityConfig->quantityConfigEUTRA->filterCoefficientRSRP);
+ quantityConfig->quantityConfigEUTRA->filterCoefficientRSRP = NULL;
+
+ free(quantityConfig->quantityConfigEUTRA->filterCoefficientRSRQ);
+ quantityConfig->quantityConfigEUTRA->filterCoefficientRSRQ = NULL;
+
+ free(quantityConfig->quantityConfigEUTRA);
+ quantityConfig->quantityConfigEUTRA = NULL;
+
+ free(quantityConfig);
+ quantityConfig = NULL;
}
//-----------------------------------------------------------------------------
@@ -5628,6 +5649,24 @@ rrc_eNB_generate_HO_RRCConnectionReconfiguration(const protocol_ctxt_t *const ct
ue_context_pP->ue_context.rnti,
rrc_eNB_mui,
size);
+
+ free(quantityConfig->quantityConfigEUTRA->filterCoefficientRSRQ);
+ quantityConfig->quantityConfigEUTRA->filterCoefficientRSRQ = NULL;
+
+ free(quantityConfig->quantityConfigEUTRA->filterCoefficientRSRP);
+ quantityConfig->quantityConfigEUTRA->filterCoefficientRSRP = NULL;
+
+ free(quantityConfig->quantityConfigEUTRA);
+ quantityConfig->quantityConfigEUTRA = NULL;
+
+ free(quantityConfig);
+ quantityConfig = NULL;
+
+ free(securityConfigHO);
+ securityConfigHO = NULL;
+
+ free(Sparams);
+ Sparams = NULL;
}
void
@@ -5771,6 +5810,10 @@ rrc_eNB_process_RRCConnectionReconfigurationComplete(
if (!NODE_IS_CU(RC.rrc[ctxt_pP->module_id]->node_type)) {
/* CDRX: activated if ack was expected */
int UE_id_mac = find_UE_id(ctxt_pP->module_id, ue_context_pP->ue_context.rnti);
+ if (UE_id_mac == -1){
+ LOG_E(RRC,PROTOCOL_RRC_CTXT_UE_FMT" rrc_eNB_process_RRCConnectionReconfigurationComplete without UE_id(MAC) rnti %x, let's return\n",PROTOCOL_RRC_CTXT_UE_ARGS(ctxt_pP),ue_context_pP->ue_context.rnti);
+ return;
+ }
UE_sched_ctrl *UE_scheduling_control = &(RC.mac[ctxt_pP->module_id]->UE_list.UE_sched_ctrl[UE_id_mac]);
if (UE_scheduling_control->cdrx_waiting_ack == TRUE) {
@@ -6577,12 +6620,12 @@ rrc_eNB_decode_ccch(
if (reestablish_rnti_map[i][0] == 0) {
reestablish_rnti_map[i][0] = ctxt_pP->rnti;
reestablish_rnti_map[i][1] = c_rnti;
+ LOG_D(RRC, "reestablish_rnti_map[%d] [0] %x, [1] %x\n",
+ i, reestablish_rnti_map[i][0], reestablish_rnti_map[i][1]);
break;
}
}
- LOG_D(RRC, "reestablish_rnti_map[%d] [0] %x, [1] %x\n",
- i, reestablish_rnti_map[i][0], reestablish_rnti_map[i][1]);
ue_context_p->ue_context.reestablishment_cause = rrcConnectionReestablishmentRequest->reestablishmentCause;
LOG_D(RRC, PROTOCOL_RRC_CTXT_UE_FMT" Accept connection reestablishment request from UE physCellId %ld cause %ld\n",
PROTOCOL_RRC_CTXT_UE_ARGS(ctxt_pP),
@@ -7221,13 +7264,12 @@ rrc_eNB_decode_dcch(
// clear currentC-RNTI from map
reestablish_rnti_map[i][0] = 0;
reestablish_rnti_map[i][1] = 0;
+ LOG_D(RRC, "reestablish_rnti_map[%d] [0] %x, [1] %x\n",
+ i, reestablish_rnti_map[i][0], reestablish_rnti_map[i][1]);
break;
}
}
- LOG_D(RRC, "reestablish_rnti_map[%d] [0] %x, [1] %x\n",
- i, reestablish_rnti_map[i][0], reestablish_rnti_map[i][1]);
-
if (!ue_context_p) {
LOG_E(RRC,
PROTOCOL_RRC_CTXT_UE_FMT" LTE_RRCConnectionReestablishmentComplete without UE context, falt\n",
@@ -8401,6 +8443,9 @@ rrc_eNB_process_SidelinkUEInformation(
//generate RRC Reconfiguration
rrc_eNB_generate_RRCConnectionReconfiguration_Sidelink(ctxt_pP, ue_context_pP, destinationInfoList, 0);
+
+ free(destinationInfoList);
+ destinationInfoList = NULL;
return 0;
}
@@ -8419,6 +8464,9 @@ rrc_eNB_process_SidelinkUEInformation(
//generate RRC Reconfiguration
rrc_eNB_generate_RRCConnectionReconfiguration_Sidelink(ctxt_pP, ue_context_pP, destinationInfoList, 0);
+
+ free(destinationInfoList);
+ destinationInfoList = NULL;
return 0;
}
}
@@ -8440,6 +8488,9 @@ rrc_eNB_process_SidelinkUEInformation(
//generate RRC Reconfiguration
rrc_eNB_generate_RRCConnectionReconfiguration_Sidelink(ctxt_pP, ue_context_pP, destinationInfoList, 0);
+
+ free(destinationInfoList);
+ destinationInfoList = NULL;
return 0;
}
}
@@ -8461,6 +8512,9 @@ rrc_eNB_process_SidelinkUEInformation(
//generate RRC Reconfiguration
rrc_eNB_generate_RRCConnectionReconfiguration_Sidelink(ctxt_pP, ue_context_pP, destinationInfoList, 0);
+
+ free(destinationInfoList);
+ destinationInfoList = NULL;
return 0;
}
}
@@ -8572,9 +8626,10 @@ rrc_eNB_generate_RRCConnectionReconfiguration_Sidelink(
LTE_SL_CommConfig_r12_t rrc_eNB_get_sidelink_commTXPool( const protocol_ctxt_t *const ctxt_pP, rrc_eNB_ue_context_t *const ue_context_pP, LTE_SL_DestinationInfoList_r12_t *destinationInfoList ) {
// for the moment, use scheduled resource allocation
- LTE_SL_CommConfig_r12_t *sl_CommConfig;
+ LTE_SL_CommConfig_r12_t sl_CommConfig_r12;
+ LTE_SL_CommConfig_r12_t *sl_CommConfig = &sl_CommConfig_r12;
LTE_SL_CommResourcePool_r12_t *sc_CommTxConfig;
- sl_CommConfig = CALLOC(1, sizeof(struct LTE_SL_CommConfig_r12));
+ memset(sl_CommConfig,0,sizeof(LTE_SL_CommConfig_r12_t));
sl_CommConfig->commTxResources_r12 = CALLOC(1, sizeof(*sl_CommConfig->commTxResources_r12));
sl_CommConfig->commTxResources_r12->present = LTE_SL_CommConfig_r12__commTxResources_r12_PR_setup;
sl_CommConfig->commTxResources_r12->choice.setup.present = LTE_SL_CommConfig_r12__commTxResources_r12__setup_PR_scheduled_r12;
diff --git a/openair2/RRC/LTE/rrc_eNB_S1AP.c b/openair2/RRC/LTE/rrc_eNB_S1AP.c
index ddcd6983c8e3911a7fda83e42cbcd8c4aae92075..dabe5b1524638ae853db20df68e8cdea9af3d55c 100644
--- a/openair2/RRC/LTE/rrc_eNB_S1AP.c
+++ b/openair2/RRC/LTE/rrc_eNB_S1AP.c
@@ -918,7 +918,7 @@ rrc_eNB_process_S1AP_DOWNLINK_NAS(
rrc_data_req (
&ctxt,
srb_id,
- *rrc_eNB_mui++,
+ (*rrc_eNB_mui)++,
SDU_CONFIRM_NO,
length,
buffer,
@@ -1634,6 +1634,8 @@ int rrc_eNB_send_S1AP_E_RAB_MODIFY_RESP(const protocol_ctxt_t *const ctxt_pP,
S1AP_E_RAB_MODIFY_RESP (msg_p).eNB_ue_s1ap_id,
e_rabs_done, e_rabs_failed);
itti_send_msg_to_task (TASK_S1AP, ctxt_pP->instance, msg_p);
+ } else {
+ itti_free (ITTI_MSG_ORIGIN_ID(msg_p), msg_p);
}
return 0;
@@ -2031,6 +2033,8 @@ int rrc_eNB_send_PATH_SWITCH_REQ(const protocol_ctxt_t *const ctxt_pP,
S1AP_PATH_SWITCH_REQ (msg_p).eNB_ue_s1ap_id,
e_rabs_done);
itti_send_msg_to_task (TASK_S1AP, ctxt_pP->instance, msg_p);
+ } else {
+ itti_free(ITTI_MSG_ORIGIN_ID(msg_p), msg_p);
}
return 0;
diff --git a/openair2/UTIL/ASYNC_IF/socket_link.c b/openair2/UTIL/ASYNC_IF/socket_link.c
index 571762493014b8ca8a19b9de2288f574f155b3e7..51c55116752ca0ae52e465bd4f77e3de7c86165f 100644
--- a/openair2/UTIL/ASYNC_IF/socket_link.c
+++ b/openair2/UTIL/ASYNC_IF/socket_link.c
@@ -218,6 +218,7 @@ error:
socket_link_t *new_link_udp_client(const char *server, int port){
+ int s = -1;
socket_link_t *ret = NULL;
ret = calloc(1, sizeof(socket_link_t));
if (ret == NULL) {
@@ -227,7 +228,6 @@ socket_link_t *new_link_udp_client(const char *server, int port){
ret->socket_fd = -1;
struct sockaddr_in si_other;
- int s;
socklen_t slen = sizeof(si_other);
if ( (s=socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP)) == -1){
@@ -254,8 +254,12 @@ socket_link_t *new_link_udp_client(const char *server, int port){
return ret;
error:
if (ret != NULL) {
- close(ret->socket_fd);
free(ret);
+ ret = NULL;
+ }
+ if (s != -1) {
+ close(s);
+ s = -1;
}
LOG_E(MAC, "ERROR in new_link_udp_client (see above), returning NULL\n");
return NULL;
diff --git a/openair2/X2AP/x2ap_eNB_handler.c b/openair2/X2AP/x2ap_eNB_handler.c
index dd59791ec94f75898ea9fb33da808dff6590cc95..ad1cac04793e9a2cc28bfab9abdac6de37b98a96 100644
--- a/openair2/X2AP/x2ap_eNB_handler.c
+++ b/openair2/X2AP/x2ap_eNB_handler.c
@@ -785,6 +785,7 @@ int x2ap_eNB_handle_handover_response (instance_t instance,
if (ue_id != x2ap_find_id_from_id_source(&instance_p->id_manager, id_source)) {
X2AP_WARN("incorrect/unknown X2AP IDs for UE (old ID %d new ID %d), ignoring handover response\n",
id_source, id_target);
+ itti_free(ITTI_MSG_ORIGIN_ID(msg), msg);
return 0;
}
@@ -873,6 +874,7 @@ int x2ap_eNB_handle_ue_context_release (instance_t instance,
if (ue_id != x2ap_find_id_from_id_source(&instance_p->id_manager, id_source)) {
X2AP_WARN("incorrect/unknown X2AP IDs for UE (old ID %d new ID %d), ignoring UE context release\n",
id_source, id_target);
+ itti_free(ITTI_MSG_ORIGIN_ID(msg), msg);
return 0;
}
@@ -882,6 +884,7 @@ int x2ap_eNB_handle_ue_context_release (instance_t instance,
id_source,
x2ap_id_get_id_target(&instance_p->id_manager, ue_id),
id_target);
+ itti_free(ITTI_MSG_ORIGIN_ID(msg), msg);
return 0;
}
diff --git a/openair3/GTPV1-U/gtpv1u_eNB.c b/openair3/GTPV1-U/gtpv1u_eNB.c
index b04d0dbf286565c01d17a60ec7b0fb2f65c7030d..fcadb0530e45be25a03b1985234ffa95cbd2c91a 100644
--- a/openair3/GTPV1-U/gtpv1u_eNB.c
+++ b/openair3/GTPV1-U/gtpv1u_eNB.c
@@ -882,7 +882,7 @@ int gtpv1u_eNB_init(void) {
* nw-gtpv1u stack.
*/
ulp.ulpReqCallback = gtpv1u_eNB_process_stack_req;
-
+ memset((void *)&(ulp.hUlp), 0, sizeof(NwGtpv1uUlpHandleT));
if ((rc = nwGtpv1uSetUlpEntity(RC.gtpv1u_data_g->gtpv1u_stack, &ulp)) != NW_GTPV1U_OK) {
LOG_E(GTPU, "nwGtpv1uSetUlpEntity: %x", rc);
return -1;
@@ -892,14 +892,14 @@ int gtpv1u_eNB_init(void) {
* We provide a wrapper to UDP task.
*/
udp.udpDataReqCallback = gtpv1u_eNB_send_udp_msg;
-
+ memset((void *)&(udp.hUdp), 0, sizeof(NwGtpv1uUdpHandleT));
if ((rc = nwGtpv1uSetUdpEntity(RC.gtpv1u_data_g->gtpv1u_stack, &udp)) != NW_GTPV1U_OK) {
LOG_E(GTPU, "nwGtpv1uSetUdpEntity: %x", rc);
return -1;
}
log.logReqCallback = gtpv1u_eNB_log_request;
-
+ memset((void *)&(log.logMgrHandle), 0, sizeof(NwGtpv1uLogMgrHandleT));
if ((rc = nwGtpv1uSetLogMgrEntity(RC.gtpv1u_data_g->gtpv1u_stack, &log)) != NW_GTPV1U_OK) {
LOG_E(GTPU, "nwGtpv1uSetLogMgrEntity: %x", rc);
return -1;
diff --git a/openair3/NAS/COMMON/UTIL/device.c b/openair3/NAS/COMMON/UTIL/device.c
index f8f1b9727b0049000cfff7efed5cc94ff36c3067..41085f0e244e6ada47776eb17088b368ed5209be 100644
--- a/openair3/NAS/COMMON/UTIL/device.c
+++ b/openair3/NAS/COMMON/UTIL/device.c
@@ -125,6 +125,7 @@ void* device_open(int type, const char* devpath, const char* params)
if (stty_set(fd, params) != RETURNok) {
device_close(devid);
devid = NULL;
+ close(fd);
}
}
}
diff --git a/openair3/NAS/COMMON/UTIL/socket.c b/openair3/NAS/COMMON/UTIL/socket.c
index 8ec3227e20a45831a9dc2404460014ef19efffe4..25876c3e6ff2e42ec17f7713780cd486f3d679eb 100644
--- a/openair3/NAS/COMMON/UTIL/socket.c
+++ b/openair3/NAS/COMMON/UTIL/socket.c
@@ -221,6 +221,8 @@ void* socket_udp_open(int type, const char* host, const char* port)
sid->type = type;
sid->port = atoi (port);
sid->fd = sfd;
+ } else {
+ close (sfd);
}
return sid;
diff --git a/openair3/NAS/UE/API/USER/user_api.c b/openair3/NAS/UE/API/USER/user_api.c
index b3bd976b710c3d827cc4b4f773d28a55c99a27c3..4d47a4c2b322d5a7af8164c4fce4bd1e951ea545 100644
--- a/openair3/NAS/UE/API/USER/user_api.c
+++ b/openair3/NAS/UE/API/USER/user_api.c
@@ -276,7 +276,7 @@ int user_api_set_data(user_api_id_t *user_api_id, char *message)
memset(user_api_id->recv_buffer, 0, USER_API_RECV_BUFFER_SIZE);
- strncpy(user_api_id->recv_buffer, message, USER_API_RECV_BUFFER_SIZE);
+ strncpy(user_api_id->recv_buffer, message, USER_API_RECV_BUFFER_SIZE - 1);
rbytes = strlen(user_api_id->recv_buffer);
LOG_TRACE(INFO, "USR-API - %d bytes write", rbytes);
diff --git a/openair3/NAS/UE/API/USIM/usim_api.c b/openair3/NAS/UE/API/USIM/usim_api.c
index d8a3807ab3dfa5c944bc89f883790ef106fad173..b882689f9b072e34f53438ec97af067fc09206cb 100644
--- a/openair3/NAS/UE/API/USIM/usim_api.c
+++ b/openair3/NAS/UE/API/USIM/usim_api.c
@@ -268,9 +268,9 @@ int usim_api_authenticate_test(usim_data_t *usim_data,
printf("usim_data->usim_sqn_data.sqn_ms %p\n", usim_data->usim_sqn_data.sqn_ms);
for (i = 0; i < USIM_API_SQNMS_SIZE; i++) {
//#warning "LG:BUG HERE TODO"
- printf("i %d: ((uint8_t*)(usim_data->usim_sqn_data.sqn_ms))[USIM_API_SQNMS_SIZE - i] %d\n",i, ((uint8_t*)(usim_data->usim_sqn_data.sqn_ms))[USIM_API_SQNMS_SIZE - i]);
- sqn_ms[USIM_API_SQNMS_SIZE - i] =
- ((uint8_t*)(usim_data->usim_sqn_data.sqn_ms))[USIM_API_SQNMS_SIZE - i];
+ printf("i %d: ((uint8_t*)(usim_data->usim_sqn_data.sqn_ms))[USIM_API_SQNMS_SIZE - 1 - i] %d\n",i, ((uint8_t*)(usim_data->usim_sqn_data.sqn_ms))[USIM_API_SQNMS_SIZE - 1 - i]);
+ sqn_ms[USIM_API_SQNMS_SIZE - 1 - i] =
+ ((uint8_t*)(usim_data->usim_sqn_data.sqn_ms))[USIM_API_SQNMS_SIZE - 1 - i];
}
u8 sqnms[USIM_API_SQNMS_SIZE];
@@ -409,7 +409,7 @@ int usim_api_authenticate(usim_data_t *usim_data, const OctetString* rand_pP, co
//#define USIM_API_SQN_MS_SIZE 3
printf("usim_data->usim_sqn.sqn_ms %p\n",usim_data->usim_sqn_data.sqn_ms);
- for (i = 0; i < USIM_API_SQNMS_SIZE; i++) {
+ for (i = 1; i <= USIM_API_SQNMS_SIZE; i++) {
//#warning "LG:BUG HERE TODO"
printf("i %d: ((uint8_t*)(usim_data->usim_sqn_data.sqn_ms))[USIM_API_SQNMS_SIZE - i] %d\n",i, ((uint8_t*)(usim_data->usim_sqn_data.sqn_ms))[USIM_API_SQNMS_SIZE - i]);
sqn_ms[USIM_API_SQNMS_SIZE - i] =
diff --git a/openair3/NAS/UE/EMM/SAP/emm_as.c b/openair3/NAS/UE/EMM/SAP/emm_as.c
index c73fed2fed911e07b9d3613a2ad010733b778e3d..99a3763dea30efa3df76113fc35dcf447457845f 100644
--- a/openair3/NAS/UE/EMM/SAP/emm_as.c
+++ b/openair3/NAS/UE/EMM/SAP/emm_as.c
@@ -437,6 +437,7 @@ static int _emm_as_data_ind(nas_user_t *user, const emm_as_data_t *msg, int *emm
if (bytes < 0) {
/* Failed to decrypt the message */
*emm_cause = EMM_CAUSE_PROTOCOL_ERROR;
+ free(plain_msg);
LOG_FUNC_RETURN (bytes);
} else if (header.protocol_discriminator ==
EPS_MOBILITY_MANAGEMENT_MESSAGE) {
diff --git a/openair3/NAS/UE/ESM/EpsBearerContextDeactivation.c b/openair3/NAS/UE/ESM/EpsBearerContextDeactivation.c
index 1a7328a81fd36e0cf6cf2791fedafaffac772a18..5adbae05c6fee7337d18522f57b6101f8969d891 100644
--- a/openair3/NAS/UE/ESM/EpsBearerContextDeactivation.c
+++ b/openair3/NAS/UE/ESM/EpsBearerContextDeactivation.c
@@ -195,6 +195,8 @@ int esm_proc_eps_bearer_context_deactivate_request(nas_user_t *user, int ebi, in
int pid, bid;
int rc = RETURNok;
esm_data_t *esm_data = user->esm_data;
+ bid = 0;
+ pid = 0;
LOG_TRACE(INFO, "ESM-PROC - EPS bearer context deactivation "
"requested by the network (ebi=%d)", ebi);
diff --git a/openair3/S1AP/s1ap_eNB_handlers.c b/openair3/S1AP/s1ap_eNB_handlers.c
index 18c6d98601cb93c3fa46de4be02522a8b3cf6da3..e2396d015f6734089731f81166f7bae7f9d2eb3b 100644
--- a/openair3/S1AP/s1ap_eNB_handlers.c
+++ b/openair3/S1AP/s1ap_eNB_handlers.c
@@ -1212,6 +1212,7 @@ int s1ap_eNB_handle_paging(uint32_t assoc_id,
} else {
/* invalid paging_p->cnDomain */
S1AP_ERROR("[SCTP %d] Received Paging : cnDomain(%ld) is unknown\n", assoc_id, ie->value.choice.CNDomain);
+ itti_free (ITTI_MSG_ORIGIN_ID(message_p), message_p);
return -1;
}
} else {
@@ -1342,6 +1343,7 @@ int s1ap_eNB_handle_e_rab_modify_request(uint32_t assoc_id,
S1AP_E_RAB_MODIFY_RESP(message_p).nb_of_e_rabs_failed = nb_of_e_rabs_failed;
s1ap_eNB_e_rab_modify_resp(mme_desc_p->s1ap_eNB_instance->instance,
&S1AP_E_RAB_MODIFY_RESP(message_p));
+ itti_free(TASK_RRC_ENB,message_p);
message_p = NULL;
return -1;
}
@@ -1543,6 +1545,7 @@ int s1ap_eNB_handle_s1_path_switch_request_ack(uint32_t assoc_id,
S1AP_ERROR("[SCTP %d] Received path switch request ack for non "
"existing UE context 0x%06lx\n", assoc_id,
ie->value.choice.ENB_UE_S1AP_ID);
+ itti_free(ITTI_MSG_ORIGIN_ID(message_p), message_p);
return -1;
}
diff --git a/openair3/SCTP/sctp_eNB_task.c b/openair3/SCTP/sctp_eNB_task.c
index 4b0945f5eaaccedacf4b45810900e1a8cc35987a..e93488817832d9e52a59a14b9603f2c52cfe351c 100644
--- a/openair3/SCTP/sctp_eNB_task.c
+++ b/openair3/SCTP/sctp_eNB_task.c
@@ -580,6 +580,7 @@ sctp_handle_new_association_req(
addr6.sin6_family = AF_INET6;
addr6.sin6_addr = in6addr_any;
addr6.sin6_port = htons(sctp_new_association_req_p->port);
+ addr6.sin6_flowinfo = 0;
if (bind(sd, (struct sockaddr*)&addr6, sizeof(addr6)) < 0) {
SCTP_ERROR("Failed to bind the socket to address any (v4/v6): %s\n",
@@ -763,6 +764,10 @@ static int sctp_create_new_listener(
if (setsockopt(sd, IPPROTO_SCTP, SCTP_EVENTS, &event,
sizeof(struct sctp_event_subscribe)) < 0) {
SCTP_ERROR("setsockopt: %s:%d\n", strerror(errno), errno);
+ if (sd != -1) {
+ close(sd);
+ sd = -1;
+ }
free(addr);
return -1;
}
@@ -795,11 +800,15 @@ static int sctp_create_new_listener(
if (sctp_bindx(sd, addr, used_addresses, SCTP_BINDX_ADD_ADDR) != 0) {
SCTP_ERROR("sctp_bindx: %s:%d\n", strerror(errno), errno);
+ free(sctp_cnx);
+ sctp_cnx = NULL;
return -1;
}
if (listen(sd, 5) < 0) {
SCTP_ERROR("listen: %s:%d\n", strerror(errno), errno);
+ free(sctp_cnx);
+ sctp_cnx = NULL;
return -1;
}
@@ -818,6 +827,16 @@ err:
sd = -1;
}
+ if (sctp_cnx != NULL) {
+ free(sctp_cnx);
+ sctp_cnx = NULL;
+ }
+
+ if (addr != NULL) {
+ free(addr);
+ addr = NULL;
+ }
+
return -1;
}
diff --git a/openair3/UTILS/conversions.h b/openair3/UTILS/conversions.h
index 71d57cc87d9d2bda784c2e421050f0fabf117f1d..b4438b1aa5804c76383021c9c1ce0638d3874819 100644
--- a/openair3/UTILS/conversions.h
+++ b/openair3/UTILS/conversions.h
@@ -135,7 +135,7 @@ do { \
do { \
(bitstring)->size=2; \
(bitstring)->bits_unused=0; \
- (bitstring)->buf=calloc (1, sizeof (uint8_t)); \
+ (bitstring)->buf=calloc (2, sizeof (uint8_t)); \
(bitstring)->buf[0] = (encralg) >> 8; \
(bitstring)->buf[1] = (encralg); \
}while(0)
diff --git a/targets/ARCH/ETHERNET/USERSPACE/LIB/eth_raw.c b/targets/ARCH/ETHERNET/USERSPACE/LIB/eth_raw.c
index 2c8e55d14f0bbe43961965aeaee161627701b921..d893c66b526bf2602b80b21f86b556cb92095c4e 100644
--- a/targets/ARCH/ETHERNET/USERSPACE/LIB/eth_raw.c
+++ b/targets/ARCH/ETHERNET/USERSPACE/LIB/eth_raw.c
@@ -501,6 +501,7 @@ int eth_set_dev_conf_raw(openair0_device *device) {
perror("ETHERNET: ");
exit(0);
}
+ free(msg);
return 0;
}
@@ -532,7 +533,8 @@ int eth_set_dev_conf_raw_IF4p5(openair0_device *device) {
perror("ETHERNET: ");
exit(0);
}
-
+
+ free(msg);
return 0;
}
@@ -590,5 +592,6 @@ int eth_get_dev_conf_raw_IF4p5(openair0_device *device) {
//device->openair0_cfg=(openair0_config_t *)(msg + MAC_HEADER_SIZE_BYTES);
printf("[%s] binding mod to hardware address %x:%x:%x:%x:%x:%x hardware address %x:%x:%x:%x:%x:%x\n",((device->host_type == RAU_HOST) ? "RAU": "RRU"),eth->ehd.ether_shost[0],eth->ehd.ether_shost[1],eth->ehd.ether_shost[2],eth->ehd.ether_shost[3],eth->ehd.ether_shost[4],eth->ehd.ether_shost[5],eth->ehd.ether_dhost[0],eth->ehd.ether_dhost[1],eth->ehd.ether_dhost[2],eth->ehd.ether_dhost[3],eth->ehd.ether_dhost[4],eth->ehd.ether_dhost[5]);
+ free(msg);
return 0;
}