<p>pespin <strong>merged</strong> this change.</p><p><a href="https://gerrit.osmocom.org/c/osmo-mgw/+/14966">View Change</a></p><div style="white-space:pre-wrap">Approvals:
Jenkins Builder: Verified
daniel: Looks good to me, but someone else must approve
laforge: Looks good to me, approved
</div><pre style="font-family: monospace,monospace; white-space: pre-wrap;">Fix return variable of strtoul()<br><br>Return variable specified by strtoul() is "unsigned long int". If<br>"unsigned int" is used, according to Coverity the return value can never<br>be ULONG_MAX:<br><br>CID 202173: Integer handling issues (CONSTANT_EXPRESSION_RESULT)<br>"pt == 18446744073709551615UL /* 9223372036854775807L * 2UL + 1UL */" is always false regardless of the values of its operands. This occurs as the logical second operand of "&&".<br><br>Furthermore, PT is 7 bit in RTP header [1], so let's avoid accepting<br>incorrect values.<br><br>[1] https://tools.ietf.org/html/rfc3550#section-5<br><br>Fixes: c5c1430a1c00ad86855ffff3df3f106bb2bce1d5 ("Catch unsigned integer MGCP parsing errors with strtoul")<br>Fixes: Coverity CID#202172<br>FIxes: Coverity CID#202173<br>Change-Id: Ice9eee6a252fab73dbab5ebf3cfc83c1b354fd08<br>---<br>M src/libosmo-mgcp-client/mgcp_client.c<br>M src/libosmo-mgcp/mgcp_sdp.c<br>2 files changed, 8 insertions(+), 2 deletions(-)<br><br></pre><pre style="font-family: monospace,monospace; white-space: pre-wrap;"><span>diff --git a/src/libosmo-mgcp-client/mgcp_client.c b/src/libosmo-mgcp-client/mgcp_client.c</span><br><span>index 910289e..3f8e780 100644</span><br><span>--- a/src/libosmo-mgcp-client/mgcp_client.c</span><br><span>+++ b/src/libosmo-mgcp-client/mgcp_client.c</span><br><span>@@ -268,7 +268,7 @@</span><br><span> {</span><br><span> char *pt_str;</span><br><span> char *pt_end;</span><br><span style="color: hsl(0, 100%, 40%);">- unsigned int pt;</span><br><span style="color: hsl(120, 100%, 40%);">+ unsigned long int pt;</span><br><span> unsigned int count = 0;</span><br><span> unsigned int i;</span><br><span> </span><br><span>@@ -298,6 +298,9 @@</span><br><span> pt_str == pt_end)</span><br><span> goto response_parse_failure_pt;</span><br><span> </span><br><span style="color: hsl(120, 100%, 40%);">+ if (pt >> 7) /* PT is 7 bit field, higher values not allowed */</span><br><span style="color: hsl(120, 100%, 40%);">+ goto response_parse_failure_pt;</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span> /* Do not allow duplicate payload types */</span><br><span> for (i = 0; i < count; i++)</span><br><span> if (r->codecs[i] == pt)</span><br><span>diff --git a/src/libosmo-mgcp/mgcp_sdp.c b/src/libosmo-mgcp/mgcp_sdp.c</span><br><span>index 56fc611..01e7968 100644</span><br><span>--- a/src/libosmo-mgcp/mgcp_sdp.c</span><br><span>+++ b/src/libosmo-mgcp/mgcp_sdp.c</span><br><span>@@ -132,7 +132,7 @@</span><br><span> char *str_ptr;</span><br><span> char *pt_str;</span><br><span> char *pt_end;</span><br><span style="color: hsl(0, 100%, 40%);">- unsigned int pt;</span><br><span style="color: hsl(120, 100%, 40%);">+ unsigned long int pt;</span><br><span> unsigned int count = 0;</span><br><span> unsigned int i;</span><br><span> </span><br><span>@@ -163,6 +163,9 @@</span><br><span> pt_str == pt_end)</span><br><span> goto error;</span><br><span> </span><br><span style="color: hsl(120, 100%, 40%);">+ if (pt >> 7) /* PT is 7 bit field, higher values not allowed */</span><br><span style="color: hsl(120, 100%, 40%);">+ goto error;</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span> /* Do not allow duplicate payload types */</span><br><span> for (i = 0; i < count; i++)</span><br><span> if (codecs[i].payload_type == pt)</span><br><span></span><br></pre><p>To view, visit <a href="https://gerrit.osmocom.org/c/osmo-mgw/+/14966">change 14966</a>. To unsubscribe, or for help writing mail filters, visit <a href="https://gerrit.osmocom.org/settings">settings</a>.</p><div itemscope itemtype="http://schema.org/EmailMessage"><div itemscope itemprop="action" itemtype="http://schema.org/ViewAction"><link itemprop="url" href="https://gerrit.osmocom.org/c/osmo-mgw/+/14966"/><meta itemprop="name" content="View Change"/></div></div>
<div style="display:none"> Gerrit-Project: osmo-mgw </div>
<div style="display:none"> Gerrit-Branch: master </div>
<div style="display:none"> Gerrit-Change-Id: Ice9eee6a252fab73dbab5ebf3cfc83c1b354fd08 </div>
<div style="display:none"> Gerrit-Change-Number: 14966 </div>
<div style="display:none"> Gerrit-PatchSet: 2 </div>
<div style="display:none"> Gerrit-Owner: pespin <pespin@sysmocom.de> </div>
<div style="display:none"> Gerrit-Reviewer: Jenkins Builder </div>
<div style="display:none"> Gerrit-Reviewer: daniel <dwillmann@sysmocom.de> </div>
<div style="display:none"> Gerrit-Reviewer: laforge <laforge@gnumonks.org> </div>
<div style="display:none"> Gerrit-Reviewer: osmith <osmith@sysmocom.de> </div>
<div style="display:none"> Gerrit-Reviewer: pespin <pespin@sysmocom.de> </div>
<div style="display:none"> Gerrit-MessageType: merged </div>