This is merely a historical archive of years 2008-2021, before the migration to mailman3.
A maintained and still updated list archive can be found at https://lists.osmocom.org/hyperkitty/list/gerrit-log@lists.osmocom.org/.
Vadim Yanitskiy gerrit-no-reply at lists.osmocom.orgReview at https://gerrit.osmocom.org/5934 tests/ussd: prevent uninitialized memory access Previously an incorrect length value was passed to both gsm_7bit_decode_n_ussd() and gsm_7bit_encode_n_ussd() functions during test_7bit_ussd() execution, due to: octets_written = strlen(decoded); The problem is that strlen() returns one-byte bigger value, that octets_written is. This then causes the uninitialized memory access. Found using Valgrind: Conditional jump or move depends on uninitialised value(s) at 0x506DCCC: gsm_7bit_decode_n_ussd (gsm_utils.c:248) by 0x40134B: test_7bit_ussd (ussd_test.c:104) by 0x400F5D: main (ussd_test.c:161) Conditional jump or move depends on uninitialised value(s) at 0x506DBB7: gsm_7bit_decode_n_hdr (gsm_utils.c:220) by 0x506DC9E: gsm_7bit_decode_n_ussd (gsm_utils.c:246) by 0x40134B: test_7bit_ussd (ussd_test.c:104) by 0x400F5D: main (ussd_test.c:161) Conditional jump or move depends on uninitialised value(s) at 0x506DBCB: gsm_septet_lookup (gsm_utils.c:153) by 0x506DBCB: gsm_7bit_decode_n_hdr (gsm_utils.c:224) by 0x506DC9E: gsm_7bit_decode_n_ussd (gsm_utils.c:246) by 0x40134B: test_7bit_ussd (ussd_test.c:104) by 0x400F5D: main (ussd_test.c:161) Change-Id: Ic31805b6a5a917dfc6284edba6ffdd21246ac20c --- M tests/ussd/ussd_test.c 1 file changed, 1 insertion(+), 2 deletions(-) git pull ssh://gerrit.osmocom.org:29418/libosmocore refs/changes/34/5934/1 diff --git a/tests/ussd/ussd_test.c b/tests/ussd/ussd_test.c index 8d88dbb..429c72d 100644 --- a/tests/ussd/ussd_test.c +++ b/tests/ussd/ussd_test.c @@ -90,8 +90,7 @@ OSMO_ASSERT(strcmp(encoded_hex, osmo_hexdump_nospc(coded, octets_written)) == 0); gsm_7bit_decode_n_ussd(decoded, sizeof(decoded), coded, octets_written * 8 / 7); - octets_written = strlen(decoded); - printf("decoded = %s\n\n", osmo_hexdump((uint8_t *)decoded, octets_written)); + printf("decoded = %s\n\n", osmo_hexdump((uint8_t *)decoded, strlen(decoded))); OSMO_ASSERT(strncmp(text, decoded, strlen(text)) == 0); OSMO_ASSERT(strcmp(appended_after_decode, decoded + strlen(text)) == 0); -- To view, visit https://gerrit.osmocom.org/5934 To unsubscribe, visit https://gerrit.osmocom.org/settings Gerrit-MessageType: newchange Gerrit-Change-Id: Ic31805b6a5a917dfc6284edba6ffdd21246ac20c Gerrit-PatchSet: 1 Gerrit-Project: libosmocore Gerrit-Branch: master Gerrit-Owner: Vadim Yanitskiy <axilirator at gmail.com>