From 8f70c3eb1fe47fef6c9ac7ee769043b1664da3a4 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?K=C3=A9vin=20Redon?= <kredon@sysmocom.de>
Date: Sun, 29 Jul 2018 09:50:57 +0200
Subject: [PATCH] remsim: fix payload overwriting

The slot number is in the header, and correctly set in st_push_hdr.
Setting the slot in st_slot_tx_msg will overwrite the payload data.
This caused bytes three of the ATR to be changed from 0x96 to 0x00,
corrupting the ATR. This corruption is caught by the ATR checksum,
and the modem would reset the card (2 additional times) to try to
get correct ATR.

Change-Id: If971699993617fc50557d20582c344ea06645a3f
---
 host/simtrace2-remsim.c | 5 -----
 1 file changed, 5 deletions(-)

diff --git a/host/simtrace2-remsim.c b/host/simtrace2-remsim.c
index 462f73e0..52c50514 100644
--- a/host/simtrace2-remsim.c
+++ b/host/simtrace2-remsim.c
@@ -173,16 +173,11 @@ static struct simtrace_msg_hdr *st_push_hdr(struct msgb *msg, uint8_t msg_class,
 int st_slot_tx_msg(struct st_slot *slot, struct msgb *msg,
 		   uint8_t msg_class, uint8_t msg_type)
 {
-	struct simtrace_msg_hdr *sh = (struct simtrace_msg_hdr *) msg->data;
-
-	sh->slot_nr = slot->slot_nr;
-
 	st_push_hdr(msg, msg_class, msg_type, slot->slot_nr);
 
 	return st_transp_tx_msg(slot->transp, msg);
 }
 
-
 /***********************************************************************
  * Card Emulation protocol
  ***********************************************************************/