I will prepare a patch for these issues soon.
2013/11/12 Ivan Kluchnikov <Ivan.Kluchnikov(a)fairwaves.ru>:
Hi Holger,
2013/11/11 Holger Hans Peter Freyther <hfreyther(a)sysmocom.de>:
Uninitialized scalar variable:
gsm_rlcmac.cpp:5321 ar.direction not initialized
gsm_rlcmac.cpp:5039 ar.direction not initialized
gsm_rlcmac.cpp:5155 ar.direction not initialized
gsm_rlcmac.cpp:4872 ar.direction not initialized
Just initialize it in csnStreamInit?
Yes.
Out-of-bounds read:
gsm_rlcmac.cpp:5502 "Overrunning array "data->RLC_DATA" of 20 bytes at byte offset 22 using index "i" (which evaluates to 22)."
gsm_rlcmac.cpp:5440 "Overrunning array "data->RLC_DATA" of 20 bytes at byte offset 22 using index "i" (which evaluates to 22)."
Maybe just add an assert that dataNumOctets <= 20?
Yes, it makes sense.
--
Regards,
Ivan Kluchnikov.
http://fairwaves.ru
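As an added illustration of the two findings above (not code from osmo-pcu or from either poster), the snippet below mirrors a decoder that fills a 20-byte RLC_DATA array from a length-prefixed buffer: the struct is zeroed on init so direction is never read uninitialised, and the octet count is checked against the array size before it is used as an index. All names (rlc_data_t, rlc_data_init, rlc_data_decode, the buffer layout) are assumptions for the example.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

#define RLC_DATA_LEN 20   /* same size as the array Coverity flagged */

typedef struct {
    int direction;                 /* read by the decoder, so it must be set */
    uint8_t RLC_DATA[RLC_DATA_LEN];
    unsigned dataNumOctets;
} rlc_data_t;

/* Analogue of initialising the field in csnStreamInit: zero everything,
 * then set direction explicitly. */
void rlc_data_init(rlc_data_t *data, int direction)
{
    memset(data, 0, sizeof(*data));
    data->direction = direction;
}

/* Constructed wire layout: buf[0] = octet count, buf[1..] = payload.
 * Returns the number of octets copied, or -1 if the count would overrun
 * RLC_DATA or exceed the buffer. The thread proposes an assert for the
 * first condition; rejecting the frame is the non-aborting equivalent. */
int rlc_data_decode(rlc_data_t *data, const uint8_t *buf, size_t len)
{
    if (len < 1)
        return -1;
    unsigned dataNumOctets = buf[0];
    if (dataNumOctets > RLC_DATA_LEN)      /* index would reach offset 20+ */
        return -1;
    if (len < 1 + (size_t)dataNumOctets)   /* count larger than what we hold */
        return -1;
    for (unsigned i = 0; i < dataNumOctets; i++)
        data->RLC_DATA[i] = buf[1 + i];
    data->dataNumOctets = dataNumOctets;
    return (int)dataNumOctets;
}

int main(void)
{
    uint8_t bad[23] = {22};   /* count 22: exactly the case Coverity reported */
    uint8_t ok[21]  = {20};   /* count 20: fills the array without overrun */
    rlc_data_t data;
    rlc_data_init(&data, 1);
    printf("count 22 -> %d\n", rlc_data_decode(&data, bad, sizeof(bad)));
    printf("count 20 -> %d\n", rlc_data_decode(&data, ok, sizeof(ok)));
    return 0;
}
```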