paulmataruso/osmo-mgw
1
0
Fork 0
mirror of https://gitea.osmocom.org/cellular-infrastructure/osmo-mgw.git synced 2025-11-04 05:53:26 +00:00
Code Issues Packages Projects Releases Wiki Activity

nat: Some more input validation... on the paging command.

Browse Source
This commit is contained in:
Holger Hans Peter Freyther
2010-03-30 06:51:23 +02:00
parent a5784b58f0
commit e9be5175ff
1 changed files with 5 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
openbsc/src/nat/bsc_nat_utils.c
View File

@@ -80,6 +80,11 @@ struct bsc_connection *bsc_nat_find_bsc(struct bsc_nat *nat, struct msgb *msg)
struct tlv_parsed tp; struct tlv_parsed tp;
int i = 0; int i = 0;
if (!msg->l3h || msgb_l3len(msg) < 3) {
LOGP(DNAT, LOGL_ERROR, "Paging message is too short.\n");
return NULL;
}
tlv_parse(&tp, gsm0808_att_tlvdef(), msg->l3h + 3, msgb_l3len(msg) - 3, 0, 0); tlv_parse(&tp, gsm0808_att_tlvdef(), msg->l3h + 3, msgb_l3len(msg) - 3, 0, 0);
if (!TLVP_PRESENT(&tp, GSM0808_IE_CELL_IDENTIFIER_LIST)) { if (!TLVP_PRESENT(&tp, GSM0808_IE_CELL_IDENTIFIER_LIST)) {
LOGP(DNAT, LOGL_ERROR, "No CellIdentifier List inside paging msg.\n"); LOGP(DNAT, LOGL_ERROR, "No CellIdentifier List inside paging msg.\n");