From 227971b340a6ae0787c442c8c31daf187b795b7c Mon Sep 17 00:00:00 2001 From: Moises Silva Date: Thu, 28 Jul 2011 12:32:22 -0400 Subject: [PATCH] freetdm: restrict GRS CLI request range to stay within sane boundaries --- .../ftmod_sangoma_ss7/ftmod_sangoma_ss7_cli.c | 7 ++- .../ftmod_sangoma_ss7_main.c | 3 +- .../ftmod_sangoma_ss7/ftmod_sangoma_ss7_out.c | 61 +++++++------------ 3 files changed, 28 insertions(+), 43 deletions(-) diff --git a/libs/freetdm/src/ftmod/ftmod_sangoma_ss7/ftmod_sangoma_ss7_cli.c b/libs/freetdm/src/ftmod/ftmod_sangoma_ss7/ftmod_sangoma_ss7_cli.c index f1da5f195a..5f87ffd877 100644 --- a/libs/freetdm/src/ftmod/ftmod_sangoma_ss7/ftmod_sangoma_ss7_cli.c +++ b/libs/freetdm/src/ftmod/ftmod_sangoma_ss7/ftmod_sangoma_ss7_cli.c @@ -1625,7 +1625,12 @@ static ftdm_status_t handle_tx_grs(ftdm_stream_handle_t *stream, int span, int c int basefound = 0; if (range > 31) { - stream->write_function(stream, "Invalid range value %d", range); + stream->write_function(stream, "Range value %d is too big for a GRS", range); + return FTDM_SUCCESS; + } + + if (range < 2) { + stream->write_function(stream, "Range value %d is too small for a GRS", range); return FTDM_SUCCESS; } diff --git a/libs/freetdm/src/ftmod/ftmod_sangoma_ss7/ftmod_sangoma_ss7_main.c b/libs/freetdm/src/ftmod/ftmod_sangoma_ss7/ftmod_sangoma_ss7_main.c index f5b162e104..6601c2e91a 100644 --- a/libs/freetdm/src/ftmod/ftmod_sangoma_ss7/ftmod_sangoma_ss7_main.c +++ b/libs/freetdm/src/ftmod/ftmod_sangoma_ss7/ftmod_sangoma_ss7_main.c @@ -962,9 +962,8 @@ ftdm_status_t ftdm_sangoma_ss7_process_state_change (ftdm_channel_t * ftdmchan) /* send out the grs */ ft_to_sngss7_grs (ftdmchan); - sngss7_set_ckt_flag(sngss7_info, FLAG_GRP_RESET_SENT); - }/* if ( sngss7_test_ckt_flag ( sngss7_info, FLAG_GRP_RESET_TX ) ) */ + } /* if the sig_status is up...bring it down */ if (ftdm_test_flag (ftdmchan, FTDM_CHANNEL_SIG_UP)) { diff --git a/libs/freetdm/src/ftmod/ftmod_sangoma_ss7/ftmod_sangoma_ss7_out.c b/libs/freetdm/src/ftmod/ftmod_sangoma_ss7/ftmod_sangoma_ss7_out.c index b65e0146e6..56238abdf9 100644 --- a/libs/freetdm/src/ftmod/ftmod_sangoma_ss7/ftmod_sangoma_ss7_out.c +++ b/libs/freetdm/src/ftmod/ftmod_sangoma_ss7/ftmod_sangoma_ss7_out.c @@ -461,57 +461,38 @@ void ft_to_sngss7_gra (ftdm_channel_t * ftdmchan) } /******************************************************************************/ -void ft_to_sngss7_grs (ftdm_channel_t * ftdmchan) +void ft_to_sngss7_grs (ftdm_channel_t *fchan) { SS7_FUNC_TRACE_ENTER (__FUNCTION__); - ftdm_iterator_t *iter = NULL; - ftdm_iterator_t *curr = NULL; - sngss7_chan_data_t *cinfo = NULL; - sngss7_chan_data_t *sngss7_info = ftdmchan->call_data; + sngss7_chan_data_t *cinfo = fchan->call_data; SiStaEvnt grs; - iter = ftdm_span_get_chan_iterator(ftdmchan->span, NULL); - curr = iter; - for (curr = iter; curr; curr = ftdm_iterator_next(curr)) { - ftdm_channel_t *fchan = ftdm_iterator_current(curr); + ftdm_assert(sngss7_test_ckt_flag(cinfo, FLAG_GRP_RESET_TX) && + !sngss7_test_ckt_flag(cinfo, FLAG_GRP_RESET_SENT), "Incorrect flags\n"); - ftdm_channel_lock(fchan); + memset (&grs, 0x0, sizeof(grs)); + grs.rangStat.eh.pres = PRSNT_NODEF; + grs.rangStat.range.pres = PRSNT_NODEF; + grs.rangStat.range.val = cinfo->tx_grs.range; - cinfo = fchan->call_data; + sng_cc_sta_request (1, + 0, + 0, + cinfo->tx_grs.circuit, + 0, + SIT_STA_GRSREQ, + &grs); - if (!cinfo->tx_grs.range) { + SS7_INFO_CHAN(fchan, "[CIC:%d]Tx GRS (%d:%d)\n", + cinfo->circuit->cic, + cinfo->circuit->cic, + (cinfo->circuit->cic + cinfo->tx_grs.range)); - ftdm_channel_unlock(fchan); + memset(&cinfo->tx_grs, 0, sizeof(cinfo->tx_grs)); - continue; - } - - memset (&grs, 0x0, sizeof(grs)); - grs.rangStat.eh.pres = PRSNT_NODEF; - grs.rangStat.range.pres = PRSNT_NODEF; - grs.rangStat.range.val = cinfo->tx_grs.range; - - sng_cc_sta_request (1, - 0, - 0, - cinfo->tx_grs.circuit, - 0, - SIT_STA_GRSREQ, - &grs); - - SS7_INFO_CHAN(ftdmchan,"[CIC:%d]Tx GRS (%d:%d)\n", - sngss7_info->circuit->cic, - sngss7_info->circuit->cic, - (sngss7_info->circuit->cic + cinfo->tx_grs.range)); - - memset(&cinfo->tx_grs, 0, sizeof(cinfo->tx_grs)); - - ftdm_channel_unlock(fchan); - } - - ftdm_iterator_free(iter); + sngss7_set_ckt_flag(cinfo, FLAG_GRP_RESET_SENT); SS7_FUNC_TRACE_EXIT (__FUNCTION__); }