[XS] Change in libosmo-sccp[master]: coverity CID#216830 - gerrit-log

3 Sep 2024

neels has uploaded this change for review. ( https://gerrit.osmocom.org/c/libosmo-sccp/+/37995?usp=email )
Change subject: coverity CID#216830
......................................................................
coverity CID#216830
sanity-check par->len received on the wire.
Change-Id: I3e6283154268f97a66b2b3f2ec8e3e9631424434
---
M src/sua.c
1 file changed, 5 insertions(+), 1 deletion(-)
git pull ssh://gerrit.osmocom.org:29418/libosmo-sccp refs/changes/95/37995/1

diff --git a/src/sua.c b/src/sua.c
index 9e281e0..d4c8b29 100644
--- a/src/sua.c
+++ b/src/sua.c
@@ -436,7 +436,11 @@
    	par = (struct xua_parameter_hdr *) &param->dat[pos];
    	par_tag = ntohs(par->tag);
    	par_len = ntohs(par->len);
-		par_datalen = par_len - sizeof(*par);
+		/* sanity: check par->len received on the wire, make sure the subtraction does not wrap past zero */
+		if (par_len >= sizeof(*par))
+			par_datalen = par_len - sizeof(*par);
+		else
+			par_datalen = 0;
LOGP(DLSUA, LOGL_DEBUG, "SUA IEI 0x%04x pos %hu/%hu: subpart tag 0x%04x, len %hu\n",
    	     param->tag, pos, param->len, par_tag, par_len);
-- 
To view, visit https://gerrit.osmocom.org/c/libosmo-sccp/+/37995?usp=email
To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings?usp=email

Gerrit-MessageType: newchange
Gerrit-Project: libosmo-sccp
Gerrit-Branch: master
Gerrit-Change-Id: I3e6283154268f97a66b2b3f2ec8e3e9631424434
Gerrit-Change-Number: 37995
Gerrit-PatchSet: 1
Gerrit-Owner: neels nhofmeyr@sysmocom.de



    