fixeria has uploaded this change for review. ( https://gerrit.osmocom.org/c/osmocom-bb/+/35602?usp=email )

Change subject: fixup: mobile: always check return value of tlv_parse() ......................................................................

fixup: mobile: always check return value of tlv_parse()

Fix a regression: check if Location Area Information IE fits.

Change-Id: I51e2ae1be1c51a6359f8b0faad56f654251f1413 Fixes: bb0ac02e "mobile: always check return value of tlv_parse()" Fixes: CID#341618 --- M src/host/layer23/src/mobile/gsm48_mm.c 1 file changed, 14 insertions(+), 1 deletion(-)

git pull ssh://gerrit.osmocom.org:29418/osmocom-bb refs/changes/02/35602/1

diff --git a/src/host/layer23/src/mobile/gsm48_mm.c b/src/host/layer23/src/mobile/gsm48_mm.c index ee457ad..fad475e 100644 --- a/src/host/layer23/src/mobile/gsm48_mm.c +++ b/src/host/layer23/src/mobile/gsm48_mm.c @@ -2613,7 +2613,7 @@ struct tlv_parsed tp; struct msgb *nmsg;

- if (payload_len < 0) { + if (payload_len < sizeof(*lai)) { short_read: LOGP(DMM, LOGL_ERROR, "Short read of LOCATION UPDATING ACCEPT message\n"); return -EINVAL;