diff --git a/src/mme/mme-s11-handler.c b/src/mme/mme-s11-handler.c index daa7f6218a..aeae428793 100644 --- a/src/mme/mme-s11-handler.c +++ b/src/mme/mme-s11-handler.c @@ -112,16 +112,6 @@ void mme_s11_handle_create_session_response( ogs_assert(sess); mme_ue = sess->mme_ue; ogs_assert(mme_ue); - source_ue = sgw_ue_cycle(mme_ue->sgw_ue); - ogs_assert(source_ue); - - if (create_action == OGS_GTP_CREATE_IN_PATH_SWITCH_REQUEST) { - target_ue = sgw_ue_cycle(source_ue->target_ue); - ogs_assert(target_ue); - } else { - target_ue = source_ue; - ogs_assert(target_ue); - } rv = ogs_gtp_xact_commit(xact); ogs_expect_or_return(rv == OGS_OK); @@ -136,6 +126,23 @@ void mme_s11_handle_create_session_response( cause_value = OGS_GTP2_CAUSE_CONTEXT_NOT_FOUND; } + source_ue = sgw_ue_cycle(mme_ue->sgw_ue); + if (!source_ue) { + ogs_error("Cannot find source_ue context"); + cause_value = OGS_GTP2_CAUSE_CONTEXT_NOT_FOUND; + } + + if (create_action == OGS_GTP_CREATE_IN_PATH_SWITCH_REQUEST) { + // if source_ue == null we'll catch below + if (source_ue) { + target_ue = sgw_ue_cycle(source_ue->target_ue); + ogs_assert(target_ue); + } + } else { + target_ue = source_ue; + // if source_ue == null we'll catch below + } + if (cause_value != OGS_GTP2_CAUSE_REQUEST_ACCEPTED) { if (create_action == OGS_GTP_CREATE_IN_ATTACH_REQUEST) { ogs_error("[%s] Attach reject", mme_ue->imsi_bcd); @@ -437,8 +444,6 @@ void mme_s11_handle_modify_bearer_response( modify_action = xact->modify_action; mme_ue = xact->data; ogs_assert(mme_ue); - sgw_ue = sgw_ue_cycle(mme_ue->sgw_ue); - ogs_assert(sgw_ue); rv = ogs_gtp_xact_commit(xact); ogs_expect_or_return(rv == OGS_OK); @@ -453,6 +458,12 @@ void mme_s11_handle_modify_bearer_response( cause_value = OGS_GTP2_CAUSE_CONTEXT_NOT_FOUND; } + sgw_ue = sgw_ue_cycle(mme_ue->sgw_ue); + if (!sgw_ue) { + ogs_error("Cannot find sgw_ue context"); + cause_value = OGS_GTP2_CAUSE_CONTEXT_NOT_FOUND; + } + if (cause_value != OGS_GTP2_CAUSE_REQUEST_ACCEPTED) { mme_send_delete_session_or_mme_ue_context_release(mme_ue); return; @@ -1116,8 +1127,6 @@ void mme_s11_handle_release_access_bearers_response( ogs_assert(action); mme_ue = xact->data; ogs_assert(mme_ue); - sgw_ue = sgw_ue_cycle(mme_ue->sgw_ue); - ogs_assert(sgw_ue); rv = ogs_gtp_xact_commit(xact); ogs_expect_or_return(rv == OGS_OK); @@ -1127,6 +1136,15 @@ void mme_s11_handle_release_access_bearers_response( ***********************/ if (!mme_ue_from_teid) { ogs_error("No Context in TEID"); + mme_send_delete_session_or_mme_ue_context_release(mme_ue); + return; + } + + sgw_ue = sgw_ue_cycle(mme_ue->sgw_ue); + if (!sgw_ue) { + ogs_error("Cannot find sgw_ue"); + mme_send_delete_session_or_mme_ue_context_release(mme_ue); + return; } /******************** diff --git a/src/mme/nas-path.c b/src/mme/nas-path.c index 67b616b643..354c3b8844 100644 --- a/src/mme/nas-path.c +++ b/src/mme/nas-path.c @@ -131,6 +131,7 @@ int nas_eps_send_attach_reject(mme_ue_t *mme_ue, ogs_nas_emm_cause_t emm_cause, ogs_nas_esm_cause_t esm_cause) { int rv; + enb_ue_t *enb_ue = NULL; mme_sess_t *sess = NULL; ogs_pkbuf_t *esmbuf = NULL, *emmbuf = NULL; @@ -139,6 +140,12 @@ int nas_eps_send_attach_reject(mme_ue_t *mme_ue, ogs_debug("[%s] Attach reject", mme_ue->imsi_bcd); ogs_debug(" Cause[%d]", emm_cause); + enb_ue = enb_ue_cycle(mme_ue->enb_ue); + if (!enb_ue) { + ogs_error("S1 context has already been removed"); + return OGS_OK; + } + sess = mme_sess_first(mme_ue); if (sess) { esmbuf = esm_build_pdn_connectivity_reject(