From: Holger Hans Peter Freyther <[email protected]>

The msgb will always have these bytes but it is better practice
to verify that the message really has space for the two bytes.
---
 openbsc/src/osmo-bsc_nat/bsc_nat.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/openbsc/src/osmo-bsc_nat/bsc_nat.c b/openbsc/src/osmo-bsc_nat/bsc_nat.c
index 4357485..537001e 100644
--- a/openbsc/src/osmo-bsc_nat/bsc_nat.c
+++ b/openbsc/src/osmo-bsc_nat/bsc_nat.c
@@ -1185,7 +1185,7 @@ exit:
                send_reset_ack(bsc);
        } else if (parsed->ipa_proto == IPAC_PROTO_IPACCESS) {
                /* do we know who is handling this? */
-               if (msg->l2h[0] == IPAC_MSGT_ID_RESP) {
+               if (msg->l2h[0] == IPAC_MSGT_ID_RESP && msgb_l2len(msg) > 2) {
                        struct tlv_parsed tvp;
                        int ret;
                        ret = ipa_ccm_idtag_parse(&tvp,
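Review bot: The added length check is the second operand of the `&&`, so `msg->l2h[0]` is still read before the length is verified, and an empty L2 payload would reach that read unguarded. Put the bound first: `if (msgb_l2len(msg) > 2 && msg->l2h[0] == IPAC_MSGT_ID_RESP) {`. The commit message speaks of space for two bytes while the condition requires more than two; a one-line comment such as `/* skip the 2 header bytes, require at least one byte of tag data */` would document the bound, assuming that is the intent. The `ipa_ccm_idtag_parse` call continues past the end of the hunk, so whether its pointer and length arguments use the same offset of 2 cannot be confirmed from here and is worth checking against this guard.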
-- 
2.3.5
