ussd: Make sure that we at least have 8 bytes when decoding the string
author Holger Hans Peter Freyther <zecke@selfish.org>
Mon, 11 Oct 2010 07:23:50 +0000 (09:23 +0200)
committer Holger Hans Peter Freyther <zecke@selfish.org>
Mon, 11 Oct 2010 07:26:20 +0000 (09:26 +0200)
The actual gsm_7bit_decode can still cause a buffer overrun
but at least we are safe until this point.

src/gsm0480.c

index 73be8ac..4b1471f 100644 (file)
@@ -386,6 +386,12 @@ static int parse_process_uss_req(const uint8_t *uss_req_data, uint16_t length,
        int num_chars;
        uint8_t dcs;
 
+
+       /* we need at least that much */
+       if (length < 8)
+               return 0;
+
+
        if (uss_req_data[0] == GSM_0480_SEQUENCE_TAG) {
                if (uss_req_data[2] == ASN1_OCTET_STRING_TAG) {
                        dcs = uss_req_data[4];
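
Review bot: The `if (length < 8) return 0;` guard at the top of parse_process_uss_req only protects the fixed-offset reads that follow (the visible ones are uss_req_data[0], [2] and [4]); nothing in this hunk checks num_chars or any length field carried inside the message against `length`, which is the remaining overrun the commit message acknowledges for gsm_7bit_decode. Consider bounding the character count by the bytes actually left in the buffer before decoding, so the function is safe end to end rather than "until this point". The comment "we need at least that much" should say which fields make up the 8 bytes, since the constant is otherwise unexplained, and the doubled blank lines added before and after the check can be reduced to one each.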