Hello Jenkins Builder,
I'd like you to reexamine a change. Please visit
https://gerrit.osmocom.org/10054
to look at the new patch set (#4).
Change subject: fix unaligned access in build_ipcp_pco()
......................................................................
fix unaligned access in build_ipcp_pco()
IPCP data can begin at any byte location in the pco_req->v array.
Casting to a 'struct ipcp_hdr' pointer could lead to unaligned access.
Parse IPCP data with u_int8_t pointers instead to avoid this problem.
Add some length checks while here.
pco_contains_proto() and ipcp_contains_option() now receive the minimum
size of the data the caller is looking for, and only return pointers
to items of sufficient size.
Also fix an inifinite loop in ipcp_contains_option() by refusing
IPCP options with length small than 2. Previously, a zero length
option would trigger an infinite loop in the parser.
Change-Id: Ia1410abb216831864042f95679330f4508e1af3d
Related: OS#3194
---
M ggsn/ggsn.c
1 file changed, 31 insertions(+), 20 deletions(-)
git pull ssh://gerrit.osmocom.org:29418/osmo-ggsn refs/changes/54/10054/4
--
To view, visit https://gerrit.osmocom.org/10054
To unsubscribe, or for help writing mail filters, visit
https://gerrit.osmocom.org/settings
Gerrit-Project: osmo-ggsn
Gerrit-Branch: master
Gerrit-MessageType: newpatchset
Gerrit-Change-Id: Ia1410abb216831864042f95679330f4508e1af3d
Gerrit-Change-Number: 10054
Gerrit-PatchSet: 4
Gerrit-Owner: Stefan Sperling <[email protected]>
Gerrit-Reviewer: Jenkins Builder
Gerrit-Reviewer: Stefan Sperling <[email protected]>
Gerrit-CC: Pau Espin Pedrol <[email protected]>
