Change in osmo-bsc[master]: LCLS: tighten GCR check

Max Thu, 08 Nov 2018 06:19:15 -0800

Max has uploaded this change for review. ( https://gerrit.osmocom.org/11689



Change subject: LCLS: tighten GCR check
......................................................................

LCLS: tighten GCR check

Use stricter checks for received Global Call Reference.

Change-Id: I9690e1b2d14e41471413bb35eb22fa6c4c4d67fd
Related: OS#2487
---
M src/osmo-bsc/osmo_bsc_bssap.c
1 file changed, 13 insertions(+), 12 deletions(-)



  git pull ssh://gerrit.osmocom.org:29418/osmo-bsc refs/changes/89/11689/1

diff --git a/src/osmo-bsc/osmo_bsc_bssap.c b/src/osmo-bsc/osmo_bsc_bssap.c
index 6b7a682..f03fb6e 100644
--- a/src/osmo-bsc/osmo_bsc_bssap.c
+++ b/src/osmo-bsc/osmo_bsc_bssap.c
@@ -520,19 +520,20 @@
 static void bssmap_handle_ass_req_lcls(struct gsm_subscriber_connection *conn,
                                        const struct tlv_parsed *tp)
 {
-       const struct tlv_p_entry *tlv;
-       const uint8_t *config, *control;
+       const uint8_t *config, *control, *gcr, gcr_len = TLVP_LEN(tp, 
GSM0808_IE_GLOBAL_CALL_REF);

-       tlv = TLVP_GET(tp, GSM0808_IE_GLOBAL_CALL_REF);
-       if (tlv) {
-               if (tlv->len > sizeof(conn->lcls.global_call_ref))
-                       LOGPFSML(conn->fi, LOGL_ERROR, "Global Call Ref IE of 
%u bytes is too long\n",
-                               tlv->len);
-               else {
-                       LOGPFSM(conn->fi, "Setting GCR to %s\n", 
osmo_hexdump_nospc(tlv->val, tlv->len));
-                       memcpy(&conn->lcls.global_call_ref, tlv->val, tlv->len);
-                       conn->lcls.global_call_ref_len = tlv->len;
-               }
+       if (gcr_len > sizeof(conn->lcls.global_call_ref))
+               LOGPFSML(conn->fi, LOGL_ERROR, "Global Call Ref IE of %u bytes 
is too long\n",
+                        gcr_len);
+       else {
+               gcr = TLVP_VAL_MINLEN(tp, GSM0808_IE_GLOBAL_CALL_REF, 13);
+               if (gcr) {
+                       LOGPFSM(conn->fi, "Setting GCR to %s\n", 
osmo_hexdump_nospc(gcr, gcr_len));
+                       memcpy(&conn->lcls.global_call_ref, gcr, gcr_len);
+                       conn->lcls.global_call_ref_len = gcr_len;
+               } else
+                       LOGPFSML(conn->fi, LOGL_ERROR, "Global Call Ref IE of 
%u bytes is too short\n",
+                                gcr_len);
        }

        config = TLVP_VAL_MINLEN(tp, GSM0808_IE_LCLS_CONFIG, 1);

--
To view, visit https://gerrit.osmocom.org/11689
To unsubscribe, or for help writing mail filters, visit 
https://gerrit.osmocom.org/settings

Gerrit-Project: osmo-bsc
Gerrit-Branch: master
Gerrit-MessageType: newchange
Gerrit-Change-Id: I9690e1b2d14e41471413bb35eb22fa6c4c4d67fd
Gerrit-Change-Number: 11689
Gerrit-PatchSet: 1
Gerrit-Owner: Max <[email protected]>

Change in osmo-bsc[master]: LCLS: tighten GCR check

Reply via email to