Attention is currently required from: dexter.
laforge has posted comments on this change. (
https://gerrit.osmocom.org/c/osmo-bsc/+/31577 )
Change subject: abis_rsl: assert maximum length
......................................................................
Patch Set 3:
(1 comment)
File src/osmo-bsc/abis_rsl.c:
https://gerrit.osmocom.org/c/osmo-bsc/+/31577/comment/33323c21_2a72466b
PS3, Line 948: val
we have to be a bit carefult with assert's to avoid ending up in the sukchan-style of
software development, where any (even unexpeted) protocol message can create a denial of
service against the program. I didn't check who calls this function, but it looks
like it's triggered from the RSL input path..
In general, ASSERT should be used to protect us against programming mistakes in this
program (BSC). But not against unexpected messages received from other network elements.
In that case we need to do runtime length checking + error handling
--
To view, visit
https://gerrit.osmocom.org/c/osmo-bsc/+/31577
To unsubscribe, or for help writing mail filters, visit
https://gerrit.osmocom.org/settings
Gerrit-Project: osmo-bsc
Gerrit-Branch: master
Gerrit-Change-Id: I9417b35fb8c0517f2555e17059bf8ac60fa59791
Gerrit-Change-Number: 31577
Gerrit-PatchSet: 3
Gerrit-Owner: dexter <pmaier(a)sysmocom.de>
Gerrit-Reviewer: Jenkins Builder
Gerrit-Reviewer: laforge <laforge(a)osmocom.org>
Gerrit-Reviewer: pespin <pespin(a)sysmocom.de>
Gerrit-Attention: dexter <pmaier(a)sysmocom.de>
Gerrit-Comment-Date: Tue, 28 Feb 2023 18:08:09 +0000
Gerrit-HasComments: Yes
Gerrit-Has-Labels: No
Gerrit-MessageType: comment