Change in libosmocore[master]: tlv_parser: Fix various out-of-bounds accesses


pespin gerrit-no-reply at lists.osmocom.org
Tue Jan 12 17:23:20 UTC 2021


pespin has posted comments on this change. ( https://gerrit.osmocom.org/c/libosmocore/+/22113 )

Change subject: tlv_parser: Fix various out-of-bounds accesses
......................................................................


Patch Set 2:

(1 comment)

https://gerrit.osmocom.org/c/libosmocore/+/22113/1/src/gsm/tlv_parser.c 
File src/gsm/tlv_parser.c:

https://gerrit.osmocom.org/c/libosmocore/+/22113/1/src/gsm/tlv_parser.c@259 
PS1, Line 259: 		*o_val = buf+1;
In here you are actually assigning a pointer to buf[1] with buf_len = 1, which doesn't look good to me. Shouldn't this be "if (buf_len < 2)"?

Same with all below.

I understand that's probably caught by the last check in the function at the end, but still Coverity and/or ASan may not like this (assigning a pointer to an address which may be out of allocated memory, hence to uninitialized memory).



-- 
To view, visit https://gerrit.osmocom.org/c/libosmocore/+/22113
To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings

Gerrit-Project: libosmocore
Gerrit-Branch: master
Gerrit-Change-Id: I98b02c914c9e3ecf56050af846292aa6979d7508
Gerrit-Change-Number: 22113
Gerrit-PatchSet: 2
Gerrit-Owner: laforge <laforge at osmocom.org>
Gerrit-Reviewer: Jenkins Builder
Gerrit-Reviewer: fixeria <vyanitskiy at sysmocom.de>
Gerrit-Reviewer: pespin <pespin at sysmocom.de>
Gerrit-Comment-Date: Tue, 12 Jan 2021 17:23:20 +0000
Gerrit-HasComments: Yes
Gerrit-Has-Labels: No
Gerrit-MessageType: comment
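
The ordering the comment above asks for (length check first, pointer assignment second), shown as an added example that is not part of the original message and is not libosmocore's code. The names parse_ie and ie_kind and the three element layouts are assumptions made for this sketch; buf, buf_len and o_val follow the names used in the comment.

```c
#include <stddef.h>
#include <stdint.h>

/* Hypothetical element layouts for this sketch (not libosmocore's enum). */
enum ie_kind { IE_T, IE_TV, IE_TLV };

/*
 * Parse one information element from buf[0..buf_len).
 * Returns the number of bytes consumed, or -1 if the element does not fit.
 * Output pointers are written only after the length check has passed, so a
 * non-NULL *o_val always points at *o_len readable bytes inside the buffer.
 */
static int parse_ie(enum ie_kind kind, const uint8_t *buf, size_t buf_len,
                    uint8_t *o_tag, uint16_t *o_len, const uint8_t **o_val)
{
    size_t len;

    *o_val = NULL;
    *o_len = 0;
    if (buf == NULL || buf_len < 1)
        return -1;
    *o_tag = buf[0];

    switch (kind) {
    case IE_T:                      /* tag only, no value */
        return 1;
    case IE_TV:                     /* tag + one value byte */
        if (buf_len < 2)            /* check before forming buf + 1 */
            return -1;
        *o_val = buf + 1;
        *o_len = 1;
        return 2;
    case IE_TLV:                    /* tag + one length byte + value */
        if (buf_len < 2)
            return -1;
        len = buf[1];
        if (len > buf_len - 2)      /* subtraction is safe: buf_len >= 2 */
            return -1;
        *o_val = len ? buf + 2 : NULL;  /* empty value: no pointer at all */
        *o_len = (uint16_t)len;
        return (int)(2 + len);
    }
    return -1;
}
```

With a one-byte buffer the TV case returns -1 and leaves *o_val as NULL, so nothing downstream can pick up a pointer that was set before the length was known to be sufficient.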