<p>Harald Welte <strong>merged</strong> this change.</p><p><a href="https://gerrit.osmocom.org/11819">View Change</a></p><div style="white-space:pre-wrap">Approvals:
  Harald Welte: Looks good to me, approved
  Jenkins Builder: Verified

</div><pre style="font-family: monospace,monospace; white-space: pre-wrap;">Use safer functions for IMSI ACL<br><br>Avoid explicit memset which confuses coverity, use strnlen() and<br>osmo_strlcpy() to handle strings.<br><br>Change-Id: I73fd54ad3a4ab8be5aff0fee5c722597ad766e9d<br>Fixes: CID163626<br>---<br>M src/gprs/sgsn_vty.c<br>1 file changed, 8 insertions(+), 6 deletions(-)<br><br></pre><pre style="font-family: monospace,monospace; white-space: pre-wrap;"><span>diff --git a/src/gprs/sgsn_vty.c b/src/gprs/sgsn_vty.c</span><br><span>index f57a2b9..601b3c5 100644</span><br><span>--- a/src/gprs/sgsn_vty.c</span><br><span>+++ b/src/gprs/sgsn_vty.c</span><br><span>@@ -634,19 +634,21 @@</span><br><span>     "Remove IMSI from ACL\n"</span><br><span>   "IMSI of subscriber\n")</span><br><span> {</span><br><span style="color: hsl(0, 100%, 40%);">-  char imsi_sanitized[GSM23003_IMSI_MAX_DIGITS+1];</span><br><span style="color: hsl(120, 100%, 40%);">+      char imsi_sanitized[GSM23003_IMSI_MAX_DIGITS + 1] = { '0' };</span><br><span>         const char *op = argv[0];</span><br><span>    const char *imsi = imsi_sanitized;</span><br><span style="color: hsl(120, 100%, 40%);">+    size_t len = strnlen(argv[1], GSM23003_IMSI_MAX_DIGITS + 1);</span><br><span>         int rc;</span><br><span> </span><br><span>  /* Sanitize IMSI */</span><br><span style="color: hsl(0, 100%, 40%);">-     if (strlen(argv[1]) > GSM23003_IMSI_MAX_DIGITS) {</span><br><span style="color: hsl(0, 100%, 40%);">-            vty_out(vty, "%% IMSI (%s) too long -- ignored!%s",</span><br><span style="color: hsl(0, 100%, 40%);">-                   argv[1], VTY_NEWLINE);</span><br><span style="color: hsl(120, 100%, 40%);">+        if (len > GSM23003_IMSI_MAX_DIGITS) {</span><br><span style="color: hsl(120, 100%, 40%);">+              vty_out(vty, "%% IMSI (%s) too long (max %u digits) -- ignored!%s",</span><br><span style="color: hsl(120, 100%, 40%);">+                 argv[1], GSM23003_IMSI_MAX_DIGITS, VTY_NEWLINE);</span><br><span>             return CMD_WARNING;</span><br><span>  }</span><br><span style="color: hsl(0, 100%, 40%);">-       memset(imsi_sanitized, '0', sizeof(imsi_sanitized));</span><br><span style="color: hsl(0, 100%, 40%);">-    strcpy(imsi_sanitized+GSM23003_IMSI_MAX_DIGITS-strlen(argv[1]),argv[1]);</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span style="color: hsl(120, 100%, 40%);">+    osmo_strlcpy(imsi_sanitized + GSM23003_IMSI_MAX_DIGITS - len, argv[1],</span><br><span style="color: hsl(120, 100%, 40%);">+                     sizeof(imsi_sanitized) - (GSM23003_IMSI_MAX_DIGITS - len));</span><br><span> </span><br><span>         if (!strcmp(op, "add"))</span><br><span>            rc = sgsn_acl_add(imsi, g_cfg);</span><br><span></span><br></pre><p>To view, visit <a href="https://gerrit.osmocom.org/11819">change 11819</a>. To unsubscribe, or for help writing mail filters, visit <a href="https://gerrit.osmocom.org/settings">settings</a>.</p><div itemscope itemtype="http://schema.org/EmailMessage"><div itemscope itemprop="action" itemtype="http://schema.org/ViewAction"><link itemprop="url" href="https://gerrit.osmocom.org/11819"/><meta itemprop="name" content="View Change"/></div></div>

<div style="display:none"> Gerrit-Project: osmo-sgsn </div>
<div style="display:none"> Gerrit-Branch: master </div>
<div style="display:none"> Gerrit-MessageType: merged </div>
<div style="display:none"> Gerrit-Change-Id: I73fd54ad3a4ab8be5aff0fee5c722597ad766e9d </div>
<div style="display:none"> Gerrit-Change-Number: 11819 </div>
<div style="display:none"> Gerrit-PatchSet: 2 </div>
<div style="display:none"> Gerrit-Owner: Max <msuraev@sysmocom.de> </div>
<div style="display:none"> Gerrit-Reviewer: Harald Welte <laforge@gnumonks.org> </div>
<div style="display:none"> Gerrit-Reviewer: Jenkins Builder (1000002) </div>