From 16ea66db2a8831726869e8608fa7c0490b4564d0 Mon Sep 17 00:00:00 2001
From: Raymond Knopp <raymond.knopp@eurecom.fr>
Date: Thu, 16 Apr 2015 13:01:15 +0000
Subject: [PATCH] added S. Held patch-0004-buggy-indexing

git-svn-id: http://svn.eurecom.fr/openair4G/trunk@7178 818b1a75-f10b-46b9-bf7c-635c3b92a50f
---
 openair2/RRC/LITE/rrc_UE.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/openair2/RRC/LITE/rrc_UE.c b/openair2/RRC/LITE/rrc_UE.c
index e5f4de7d18..2ef5ab4e5e 100644
--- a/openair2/RRC/LITE/rrc_UE.c
+++ b/openair2/RRC/LITE/rrc_UE.c
@@ -213,6 +213,9 @@ init_SI_UE(
   UE_rrc_inst[ctxt_pP->module_id].sib1[eNB_index] = (SystemInformationBlockType1_t*)malloc16(sizeof(SystemInformationBlockType1_t));
   UE_rrc_inst[ctxt_pP->module_id].SI[eNB_index] = (uint8_t*)malloc16(64);
 
+  // FIXME the structure member si is defined as si[NB_CNX_UE][8]
+  // FIXME the code at rrc_UE.c:2250 indexes si like this: UE_rrc_inst[ctxt_pP->module_id].si[eNB_index][si_window]
+  // FIXME for si_window = 2 (which can happen) this produces a SIGSEGV
   for (i=0; i<NB_CNX_UE; i++) {
     UE_rrc_inst[ctxt_pP->module_id].si[eNB_index][i] = (SystemInformation_t*)malloc16(sizeof(SystemInformation_t));
   }
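Review bot: The allocation loop in init_SI_UE is still bounded by `NB_CNX_UE`, although the added FIXME says the second dimension of `si` is 8, so every slot from NB_CNX_UE up to 7 never receives a buffer. The commit documents the crash but leaves the cause in place. Bounding the loop by the array's own dimension would close it, e.g. `for (i=0; i<8; i++) {`, ideally with a named constant shared with the declaration of `si`, plus a NULL check on each `malloc16` result. The `rrc_UE.c:2250` reference in the comment will go stale as the file changes; naming decode_BCCH_DLSCH_Message would be more durable. init_SI_UE begins and ends outside this hunk, so confirm that no later code fills the remaining slots.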
@@ -2245,7 +2248,7 @@ decode_BCCH_DLSCH_Message(
           //                                                if ((frameP %8) == 1) {  // check only in odd frames for SI
           si_window = (ctxt_pP->frame%(UE_rrc_inst[ctxt_pP->module_id].Info[eNB_index].SIperiod/10))/
                       (UE_rrc_inst[ctxt_pP->module_id].Info[eNB_index].SIwindowsize/10);
-          memcpy((void*)si[si_window],
+          memcpy((void*)si[si_window], // FIXME check indexing (see line 219)
                  (void*)&bcch_message->message.choice.c1.choice.systemInformation,
                  sizeof(SystemInformation_t));
           LOG_D(RRC,"[UE %d] Decoding SI for frameP %d, si_window %d\n",
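Review bot: `si_window` is used as an index in `memcpy((void*)si[si_window], ...)` with no range or NULL check, and the new side only tags the line with a FIXME. The index is derived from `SIperiod` and `SIwindowsize`, which presumably come from received system information, so a peer-controlled value would decide where `sizeof(SystemInformation_t)` bytes are written. A guard before the copy would contain this, e.g. `if (si_window >= 8 || si[si_window] == NULL) { /* skip this SI */ }` (add `si_window < 0` if the variable is signed). The visible lines also divide by `SIperiod/10` and `SIwindowsize/10` without checking for zero. The function continues outside the hunk, so confirm that no earlier validation already covers these values.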
-- 
GitLab