[MME] Follow-up on open5gs#2916

When there is no MME-UE Context, going to cleanup without setting s6a_message could cause a segmentation fault. We fixed the problem by moving the location of setting s6a_message to before cleanup.
yinxx · Feb 8, 2024 · 94bd68a · 94bd68a
1 parent 290df46
commit 94bd68a
Showing 1 changed file with 3 additions and 3 deletions.
diff --git a/src/mme/mme-sm.c b/src/mme/mme-sm.c
@@ -516,6 +516,9 @@ void mme_state_operational(ogs_fsm_t *s, mme_event_t *e)
         break;
 
     case MME_EVENT_S6A_MESSAGE:
+        s6a_message = e->s6a_message;
+        ogs_assert(s6a_message);
+
         /*
          * A race condition can occur in the following situations.
          * In conclusion, we can use this situation to determine
@@ -563,9 +566,6 @@ void mme_state_operational(ogs_fsm_t *s, mme_event_t *e)
             goto cleanup;
         }
 
-        s6a_message = e->s6a_message;
-        ogs_assert(s6a_message);
-
         switch (s6a_message->cmd_code) {
         case OGS_DIAM_S6A_CMD_CODE_AUTHENTICATION_INFORMATION:
             ogs_debug("OGS_DIAM_S6A_CMD_CODE_AUTHENTICATION_INFORMATION");