paulmataruso/osmo-mgw
1
0
Fork 0
mirror of https://gitea.osmocom.org/cellular-infrastructure/osmo-mgw.git synced 2025-11-01 20:43:47 +00:00
Code Issues Packages Projects Releases Wiki Activity

src: more robust ipaccess_idtag_parse()

Browse Source 
Now ipaccess_idtag_parse() returns -EINVAL instead of -1. We also
check for the return value of this function in every invocation to
skip further processing in case of messages with malformed TLVs.

This idea was suggested by Zecke.
This commit is contained in:
Pablo Neira Ayuso
2011-04-11 16:32:50 +02:00
committed by Harald Welte
parent 0d20b63574
commit ca05d432d7
3 changed files with 23 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
openbsc/src/libabis/input/ipaccess.c
View File

@@ -123,7 +123,7 @@ int ipaccess_idtag_parse(struct tlv_parsed *dec, unsigned char *buf, int len)
if (t_len > len + 1) {
LOGP(DMI, LOGL_ERROR, "The tag does not fit: %d\n", t_len);
return -1;
return -EINVAL;
}
DEBUGPC(DMI, "%s='%s' ", ipaccess_idtag_name(t_tag), cur);
@@ -251,7 +251,7 @@ static int ipaccess_rcvmsg(struct e1inp_line *line, struct msgb *msg,
u_int16_t site_id = 0, bts_id = 0, trx_id = 0;
struct gsm_bts *bts;
char *unitid;
int len;
int len, ret;
/* handle base messages */
ipaccess_rcvmsg_base(msg, bfd);
@@ -260,10 +260,14 @@ static int ipaccess_rcvmsg(struct e1inp_line *line, struct msgb *msg,
case IPAC_MSGT_ID_RESP:
DEBUGP(DMI, "ID_RESP ");
/* parse tags, search for Unit ID */
ipaccess_idtag_parse(&tlvp, (u_int8_t *)msg->l2h + 2,
msgb_l2len(msg)-2);
ret = ipaccess_idtag_parse(&tlvp, (u_int8_t *)msg->l2h + 2,
msgb_l2len(msg)-2);
DEBUGP(DMI, "\n");
if (ret < 0) {
LOGP(DINP, LOGL_ERROR, "ignoring IPA response message "
"with malformed TLVs\n");
return ret;
}
if (!TLVP_PRESENT(&tlvp, IPAC_IDTAG_UNIT))
break;

8
openbsc/src/osmo-bsc_nat/bsc_nat.c
View File

@@ -1019,9 +1019,15 @@ exit:
/* do we know who is handling this? */
if (msg->l2h[0] == IPAC_MSGT_ID_RESP) {
struct tlv_parsed tvp;
ipaccess_idtag_parse(&tvp,
int ret;
ret = ipaccess_idtag_parse(&tvp,
(unsigned char *) msg->l2h + 2,
msgb_l2len(msg) - 2);
if (ret < 0) {
LOGP(DNAT, LOGL_ERROR, "ignoring IPA response "
"message with malformed TLVs\n");
return ret;
}
if (TLVP_PRESENT(&tvp, IPAC_IDTAG_UNITNAME))
ipaccess_auth_bsc(&tvp, bsc);
}

8
openbsc/src/osmo-bsc_nat/bsc_ussd.c
View File

@@ -123,9 +123,15 @@ static int ussd_read_cb(struct bsc_fd *bfd)
if (hh->proto == IPAC_PROTO_IPACCESS) {
if (msg->l2h[0] == IPAC_MSGT_ID_RESP) {
struct tlv_parsed tvp;
ipaccess_idtag_parse(&tvp,
int ret;
ret = ipaccess_idtag_parse(&tvp,
(unsigned char *) msg->l2h + 2,
msgb_l2len(msg) - 2);
if (ret < 0) {
LOGP(DNAT, LOGL_ERROR, "ignoring IPA response "
"message with malformed TLVs\n");
return ret;
}
if (TLVP_PRESENT(&tvp, IPAC_IDTAG_UNITNAME))
ussd_auth_con(&tvp, conn);
}