Change in osmo-msc[master]: sgs_tx_loc_upd_resp_cb(): fix error handling for MI encoding

This is merely a historical archive of years 2008-2021, before the migration to mailman3.

A maintained and still updated list archive can be found at https://lists.osmocom.org/hyperkitty/list/gerrit-log@lists.osmocom.org/.

neels gerrit-no-reply at lists.osmocom.org
Wed Jul 1 21:33:48 UTC 2020


neels has uploaded this change for review. ( https://gerrit.osmocom.org/c/osmo-msc/+/19098 )


Change subject: sgs_tx_loc_upd_resp_cb(): fix error handling for MI encoding
......................................................................

sgs_tx_loc_upd_resp_cb(): fix error handling for MI encoding

new_id_ptr should be passed as NULL if encoding the TMSI failed, so initialize
it accordingly.

Also add some bloat to better handle the case of an encoding error, even though
from code analysis that should not be possible here: there is enough buffer,
the MI is a TMSI encoded from a uint32_t...

The problem was introduced by Idfc8e576e10756aeaacf5569f6178068313eb7ea, before
which new_id_len was always 0 when no TMSI was present.

Related: CID#210894
Change-Id: I800c5dca3fdbdedf70a64d9fd5a1bdfd1397f431
---
M src/libmsc/sgs_iface.c
1 file changed, 8 insertions(+), 2 deletions(-)



  git pull ssh://gerrit.osmocom.org:29418/osmo-msc refs/changes/98/19098/1

diff --git a/src/libmsc/sgs_iface.c b/src/libmsc/sgs_iface.c
index b792e46..d13449d 100644
--- a/src/libmsc/sgs_iface.c
+++ b/src/libmsc/sgs_iface.c
@@ -372,7 +372,7 @@
 	struct vlr_subscr *vsub = response->vsub;
 	struct sgs_mme_ctx *mme;
 	uint8_t new_id[2 + GSM48_TMSI_LEN];
-	uint8_t *new_id_ptr = new_id;
+	uint8_t *new_id_ptr = NULL;
 	int new_id_len = 0;
 	uint8_t resp_msg_type;
 
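Review bot: the declarations of new_id_ptr and new_id_len now depend on an undocumented pairing: NULL goes with 0, and new_id goes with a positive length. A one-line comment above them stating that they must be set together would help keep a later edit from reintroducing the mismatch this change fixes.
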
@@ -403,8 +403,14 @@
 				.tmsi = vsub->tmsi_new,
 			};
 			new_id_len = osmo_mobile_identity_encode_buf(new_id, sizeof(new_id), &tmsi_mi, false);
-			if (new_id_len > 0)
+			if (new_id_len > 0) {
 				new_id_ptr = new_id;
+			} else {
+				/* Failure to encode the TMSI is not actually possible here, this is just for paranoia
+				 * and coverity scan. */
+				new_id_len = 0;
+				LOGPFSMSL(vsub->sgs_fsm, DMM, LOGL_ERROR, "Cannot encode TMSI Mobile Identity\n");
+			}
 		}
 		resp = gsm29118_create_lu_ack(vsub->imsi, &vsub->sgs.lai, new_id_ptr, new_id_len);
 		sgs_tx(mme->conn, resp);
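
Review bot: in the new else branch, new_id_len is reset to 0 before LOGPFSMSL() runs, so the return code from osmo_mobile_identity_encode_buf() is lost and the error line cannot say why encoding failed. Consider logging the rc before clamping it. The code then continues to gsm29118_create_lu_ack() with NULL and 0, so the response is sent without the new TMSI even though vsub->tmsi_new was set. If that is the intended fallback, please say so in the comment.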

-- 
To view, visit https://gerrit.osmocom.org/c/osmo-msc/+/19098
To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings

Gerrit-Project: osmo-msc
Gerrit-Branch: master
Gerrit-Change-Id: I800c5dca3fdbdedf70a64d9fd5a1bdfd1397f431
Gerrit-Change-Number: 19098
Gerrit-PatchSet: 1
Gerrit-Owner: neels <nhofmeyr at sysmocom.de>
Gerrit-MessageType: newchange