paulmataruso/osmo-mgw
1
0
Fork 0
mirror of https://gitea.osmocom.org/cellular-infrastructure/osmo-mgw.git synced 2025-11-02 04:53:24 +00:00
Code Issues Packages Projects Releases Wiki Activity

[mgcp] Fix two bugs in the protocol handling

Browse Source 
In case of a wrongly formatted AUEP, CRCX, DLCX, MDCX the
transaction id pointer was a dangling pointer... Initialize
the transaction id to a static string..

Also fix a off by one bug. We want to extract four elements
from the MGCP message and not only 3... So a short AUEP message
made it us read too many things.
This commit is contained in:
Holger Hans Peter Freyther
2010-02-26 13:32:55 +01:00
parent 63f2db2ec9
commit a820c5f89d
1 changed files with 3 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
openbsc/src/mgcp/mgcp_protocol.c
View File

@@ -302,6 +302,8 @@ static int analyze_header(struct mgcp_config *cfg, struct msgb *msg,
{
int found;
*transaction_id = "000000";
if (size < 3) {
LOGP(DMGCP, LOGL_ERROR, "Not enough space in ptr\n");
return -1;
@@ -309,7 +311,7 @@ static int analyze_header(struct mgcp_config *cfg, struct msgb *msg,
found = find_msg_pointers(msg, ptr, size);
if (found < 3) {
if (found <= 3) {
LOGP(DMGCP, LOGL_ERROR, "Gateway: Not enough params. Found: %d\n", found);
return -1;
}