Hi,
The second loop in osmo_revbytebits_buf() in src/bits.c grabs 4 bytes
each iteration, which can easily go past the supplied input in some
cases. Compiled with -fstack-protector, I get a "stack smashing
detected" in the bits test.
Attached patch should deal with that.
diff --git a/src/bits.c b/src/bits.c
index 4c67bdd..a159fc9 100644
--- a/src/bits.c
+++ b/src/bits.c
@@ -173,7 +173,7 @@ void osmo_revbytebits_buf(uint8_t *buf, int len)
return;
}
- for (i = unaligned_cnt; i < len; i += 4) {
+ for (i = unaligned_cnt; i + 3 < len; i += 4) {
uint32_t *cur = (uint32_t *) (buf + i);
*cur = osmo_revbytebits_32(*cur);
len_remain -= 4;
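Review bot: The new bound `i + 3 < len` still compares against the signed `int len` from the signature, so it only holds if both sides have compatible types. `i` is declared outside this hunk; if it is unsigned, a negative `len` would be converted to a very large value and the 4-byte stores through `cur` could run past `buf` again. Consider rejecting `len <= 0` on entry, or bounding the loop on the signed remainder the body already maintains, e.g. `for (i = unaligned_cnt; len_remain >= 4; i += 4) {`, provided `len_remain` equals `len - i` when the loop starts (that setup is not visible here). The function body starts and ends outside the hunk.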