Pau Espin Pedrol has posted comments on this change. ( https://gerrit.osmocom.org/12227 )
Change subject: ACL: integrate sanitize check into sgsn_acl_* functions ...................................................................... Patch Set 2: Code-Review-1 (5 comments) https://gerrit.osmocom.org/#/c/12227/2/src/gprs/sgsn_auth.c File src/gprs/sgsn_auth.c: https://gerrit.osmocom.org/#/c/12227/2/src/gprs/sgsn_auth.c@46 PS2, Line 46: static bool imsi_sanitize(char *dst, size_t dst_len, const char *imsi) Document minimally what this function does. https://gerrit.osmocom.org/#/c/12227/2/src/gprs/sgsn_auth.c@53 PS2, Line 53: return true; This return code looks weird, returning true if it did nothing on the dst buffer and false otherwise. https://gerrit.osmocom.org/#/c/12227/2/src/gprs/sgsn_auth.c@65 PS2, Line 65: if (imsi_sanitize(imsi_sanitized, sizeof(imsi_sanitized), imsi)) same as comment in sgsn_acl_add. https://gerrit.osmocom.org/#/c/12227/2/src/gprs/sgsn_auth.c@89 PS2, Line 89: if (imsi_sanitize(acl->imsi, sizeof(acl->imsi), imsi)) I think sanitizing the imsi should be done by caller of sgsn_acl_* based on where the information come from (from the wire or from known sanitized source). Is there any good reason to do it here? https://gerrit.osmocom.org/#/c/12227/2/src/gprs/sgsn_vty.c File src/gprs/sgsn_vty.c: https://gerrit.osmocom.org/#/c/12227/2/src/gprs/sgsn_vty.c@a650 PS2, Line 650: See my comment, I think osmo_imsi_sanitize() should be used here. -- To view, visit https://gerrit.osmocom.org/12227 To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings Gerrit-Project: osmo-sgsn Gerrit-Branch: master Gerrit-MessageType: comment Gerrit-Change-Id: Ic3dff108148683b107e9edac430a0475283580e9 Gerrit-Change-Number: 12227 Gerrit-PatchSet: 2 Gerrit-Owner: Max <[email protected]> Gerrit-Reviewer: Jenkins Builder (1000002) Gerrit-Reviewer: Pau Espin Pedrol <[email protected]> Gerrit-Comment-Date: Mon, 10 Dec 2018 16:08:07 +0000 Gerrit-HasComments: Yes Gerrit-HasLabels: Yes
