On 22 Apr 2016, at 14:41, Sergey Kostanbaev
<sergey.kostanbaev(a)gmail.com> wrote:
+ case GSM0480_MTYPE_FACILITY:
+ rc &= parse_ss_facility(&hdr->data[0], len - sizeof(*hdr), req);
+ break;
default:
LOGP(0, LOGL_DEBUG, "Unknown GSM 04.80 message-type field 0x%02x\n",
hdr->msg_type);
@@ -284,6 +288,18 @@ static int parse_ss(const struct gsm48_hdr *hdr, uint16_t len,
struct ss_request
return rc;
}
+static int parse_ss_facility(const uint8_t *ss_facility, uint16_t len,
+ struct ss_request *req)
+{
+ uint8_t facility_length;
+
+ facility_length = ss_facility[0];
+ if (len - 1 < facility_length)
+ return 0;
+
+ return parse_facility_ie(ss_facility + 1, facility_length, req);
+}
+
static int parse_ss_info_elements(const uint8_t *ss_ie, uint16_t len,
struct ss_request *req)
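Review bot: In `parse_ss_facility` the length octet is fetched with `facility_length = ss_facility[0];` before `len` has been looked at, and nothing visible in this hunk guarantees that `len` is non-zero. With an empty facility payload that is a one-byte read past the data the caller handed in, on a field taken from a received message. A guard placed ahead of the read, `if (len < 1) return 0;`, keeps the access in bounds and matches the existing failure return used when the declared length exceeds the remaining bytes. The function also has no comment; a one-line note that the first octet is the facility IE length and that 0 is returned for a truncated element would help the next reader.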
Same as with the previous commit: there is no guarantee that original_len - sizeof(*hdr)
> 1 (as that was removed). So can len - 1 be UINT16_MAX here?