Change in libosmocore[master]: gsm48_mi_to_string(): guard against zero length output buffer

Neels Hofmeyr gerrit-no-reply at lists.osmocom.org
Wed Dec 5 23:41:52 UTC 2018


Neels Hofmeyr has uploaded this change for review. ( https://gerrit.osmocom.org/12156 )


Change subject: gsm48_mi_to_string(): guard against zero length output buffer
......................................................................

gsm48_mi_to_string(): guard against zero length output buffer

All successful cases already return from the switch(), so simply handle all
errors below it by returning an empty string (if there is enough string
buffer).

Change-Id: I709ac3b9efb7b4258d8660715b10312e11b9b571
---
M src/gsm/gsm48.c
M tests/gsm0408/gsm0408_test.ok
2 files changed, 13 insertions(+), 12 deletions(-)



  git pull ssh://gerrit.osmocom.org:29418/libosmocore refs/changes/56/12156/1

diff --git a/src/gsm/gsm48.c b/src/gsm/gsm48.c
index 3487ef7..7517c09 100644
--- a/src/gsm/gsm48.c
+++ b/src/gsm/gsm48.c
@@ -658,8 +658,6 @@
 	mi_type = mi[0] & GSM_MI_TYPE_MASK;
 
 	switch (mi_type) {
-	case GSM_MI_TYPE_NONE:
-		break;
 	case GSM_MI_TYPE_TMSI:
 		/* Table 10.5.4.3, reverse generate_mid_from_tmsi */
 		if (mi_len == GSM48_TMSI_LEN && mi[0] == (0xf0 | GSM_MI_TYPE_TMSI)) {
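
Review bot: with the explicit `case GSM_MI_TYPE_NONE:` removed at the top of the switch, NONE is now handled only implicitly by `default:`. A one-line comment on `default:` saying that NONE and unknown types intentionally produce an empty string would keep that intent visible to the next reader.
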
@@ -679,12 +677,15 @@
 			return 0;
 		else
 			return strlen(string) + 1;
+
 	default:
 		break;
 	}
-	*str_cur++ = '\0';
 
-	return str_cur - string;
+	if (str_len < 1)
+		return 0;
+	*string = '\0';
+	return 1;
 }
 
 /*! Parse TS 04.08 Routing Area Identifier
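
Review bot: the `if (str_len < 1) return 0;` guard sits after the switch, so it protects only the fall-through path; the `return strlen(string) + 1;` branch shown as context at the top of this hunk still depends on earlier code having terminated `string` within `str_len`, which these lines do not show. Consider moving the zero-length check to function entry so every path is covered by one test. The function's doc comment should also state that 0 is returned when `str_len` is 0, since `return 0;` already appears inside the switch and callers cannot tell the two cases apart.
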
diff --git a/tests/gsm0408/gsm0408_test.ok b/tests/gsm0408/gsm0408_test.ok
index 6e99f5b..d6579e5 100644
--- a/tests/gsm0408/gsm0408_test.ok
+++ b/tests/gsm0408/gsm0408_test.ok
@@ -72,8 +72,8 @@
     returned empty string
 - MI type: TMSI
   - writing to zero-length string:
-    rc=1
-    ERROR: Wrote to invalid memory!
+    rc=0
+    nothing written
   - writing to 1-byte-length string:
     rc=1
     returned empty string
@@ -82,8 +82,8 @@
     returned empty string
 - MI type: NONE
   - writing to zero-length string:
-    rc=1
-    ERROR: Wrote to invalid memory!
+    rc=0
+    nothing written
   - writing to 1-byte-length string:
     rc=1
     returned empty string
@@ -102,8 +102,8 @@
     returned empty string
 - MI type: TMSI | GSM_MI_ODD
   - writing to zero-length string:
-    rc=1
-    ERROR: Wrote to invalid memory!
+    rc=0
+    nothing written
   - writing to 1-byte-length string:
     rc=1
     returned empty string
@@ -112,8 +112,8 @@
     returned empty string
 - MI type: NONE | GSM_MI_ODD
   - writing to zero-length string:
-    rc=1
-    ERROR: Wrote to invalid memory!
+    rc=0
+    nothing written
   - writing to 1-byte-length string:
     rc=1
     returned empty string
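
Review bot: the zero-length expectations changed here and in the three matching blocks above cover only the TMSI and NONE types (with and without GSM_MI_ODD). The visible hunks do not show the zero-length result for the other MI types, so it is worth confirming that they are exercised in this file and do not still record "ERROR: Wrote to invalid memory!".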

-- 
To view, visit https://gerrit.osmocom.org/12156

Gerrit-Project: libosmocore
Gerrit-Branch: master
Gerrit-MessageType: newchange
Gerrit-Change-Id: I709ac3b9efb7b4258d8660715b10312e11b9b571
Gerrit-Change-Number: 12156
Gerrit-PatchSet: 1
Gerrit-Owner: Neels Hofmeyr <nhofmeyr at sysmocom.de>