osmo-trx.git branch ttsou/fixes updated. 68475102023be985d45698acb81b888f78db8728

This is merely a historical archive of years 2008-2021, before the migration to mailman3.

A maintained and still updated list archive can be found at https://lists.osmocom.org/hyperkitty/list/osmocom-commitlog@lists.osmocom.org/.

gitosis at osmocom.org gitosis at osmocom.org
Fri Apr 29 18:52:26 UTC 2016


This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OpenBTS' transceiver retro-fit".

The branch, ttsou/fixes has been updated
  discards  7764ca94ce659dad840dc120bfb9b77be561ccbc (commit)
  discards  520d21c825c4f856b4faec6ddaa1b653d113fd05 (commit)
  discards  5463584a9fae40b6a2a4d3beade09ff871bddd64 (commit)
       via  68475102023be985d45698acb81b888f78db8728 (commit)
       via  7b9ac673752d8831a785bfc1af0029389f4814bf (commit)

This update added new revisions after undoing existing revisions.  That is
to say, the old revision is not a strict subset of the new revision.  This
situation occurs when you --force push a change and generate a repository
containing something like this:

 * -- * -- B -- O -- O -- O (7764ca94ce659dad840dc120bfb9b77be561ccbc)
            \
             N -- N -- N (68475102023be985d45698acb81b888f78db8728)

When this happens we assume that you've already had alert emails for all
of the O revisions, and so we here report only the revisions in the N
branch from the common base, B.

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
http://cgit.osmocom.org/osmo-trx/commit/?id=68475102023be985d45698acb81b888f78db8728

commit 68475102023be985d45698acb81b888f78db8728
Author: Tom Tsou <tom.tsou at ettus.com>
Date:   Thu Apr 28 21:55:17 2016 -0700

    common: Add mandatory length field to UDP receive calls
    
    Current UDP receive reads up to MAX_UDP_LENGTH bytes into the
    passed in buffer, which may lead to buffer overflow if the
    write buffer is of insufficient size.
    
    Add mandatory length argument to UDP socket receive calls.
    
    Signed-off-by: Tom Tsou <tom.tsou at ettus.com>

http://cgit.osmocom.org/osmo-trx/commit/?id=7b9ac673752d8831a785bfc1af0029389f4814bf

commit 7b9ac673752d8831a785bfc1af0029389f4814bf
Author: Tom Tsou <tom.tsou at ettus.com>
Date:   Thu Apr 28 21:24:53 2016 -0700

    common: Restrict UDP binding to localhost only
    
    Reported security vulnerability where control and data UDP
    packets can be injected into the transceiver externally due
    to socket binding to all interfaces using INADDR_ANY.
    
    Existing socket interface does not allow specifying local
    address; only the local port and remote address/port are
    arguments.
    
    Restrict socket bind to localhost with INADDR_LOOPBACK. If
    external interfaces do need to be used, the API should be
    modified to allow specifying the local socket address.
    
    Signed-off-by: Tom Tsou <tom.tsou at ettus.com>

-----------------------------------------------------------------------

Summary of changes:
 Transceiver52M/Transceiver.cpp | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)


hooks/post-receive
-- 
OpenBTS' transceiver retro-fit



More information about the osmocom-commitlog mailing list