jolly has uploaded this change for review.

View Change

Correctly calculate size iofd_msgb_alloc2()

When limiting headroom value to 16 bits, the allocated buffer will be
too small, if headroom exceeds 65535.

Related: Coverity CID#548925
Change-Id: I16c1e08fb64a1fafaeee1844fd8c00ecc2861d12
---
M src/core/osmo_io.c
1 file changed, 1 insertion(+), 1 deletion(-)

git pull ssh://gerrit.osmocom.org:29418/libosmocore refs/changes/38/41138/1
diff --git a/src/core/osmo_io.c b/src/core/osmo_io.c
index 399a604..708d2c0 100644
--- a/src/core/osmo_io.c
+++ b/src/core/osmo_io.c
@@ -187,7 +187,7 @@
 /*! convenience wrapper to call msgb_alloc with parameters from osmo_io_fd (of given size) */
 struct msgb *iofd_msgb_alloc2(struct osmo_io_fd *iofd, size_t size)
 {
-	uint16_t headroom = iofd->msgb_alloc.headroom;
+	size_t headroom = iofd->msgb_alloc.headroom;
 
 	OSMO_ASSERT(size <= 0xffff - headroom);
 	return msgb_alloc_headroom_c(iofd, size + headroom, headroom, "osmo_io_msgb");

To view, visit change 41138. To unsubscribe, or for help writing mail filters, visit settings.

Gerrit-MessageType: newchange
Gerrit-Project: libosmocore
Gerrit-Branch: master
Gerrit-Change-Id: I16c1e08fb64a1fafaeee1844fd8c00ecc2861d12
Gerrit-Change-Number: 41138
Gerrit-PatchSet: 1
Gerrit-Owner: jolly <andreas@eversberg.eu>