cellular-infrastructure
/
osmo-msc
mirror of https://gerrit.osmocom.org/osmo-msc
9
0
Fork 0
Code Issues Releases Wiki Activity

SMPP: Don't accept password or system-id exceeding spec length 

The SMPP 3.4 specification defines the password field as a
"Variable-length octet string with maximum length of 9", and according
to table 3-1 this means including the terminating NUL-byte.

However, OsmoMSC allows to configure longer passwords in the ESME
configuration. Those passwords will then never match, as libsmpp34
performs length validation and generates a parser error for anyone
trying to send a longer password via SMPP.

The same applies for system-id, where we have to permit only 15
characters with zero termination, but not 16 characters.

Change-Id: I81ef593e84bf1e15f6746386fc145495fae29354
Closes: OS#3166
This commit is contained in:
Harald Welte 2019-05-08 23:55:58 +02:00
parent 7f85acea9b
commit c0847d641c
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/libmsc/smpp_smsc.h
View File

@ -13,8 +13,8 @@
#include <smpp34_structs.h>
#include <smpp34_params.h>
#define SMPP_SYS_ID_LEN 16
#define SMPP_PASSWD_LEN 16
#define SMPP_SYS_ID_LEN 15
#define SMPP_PASSWD_LEN 8
#define MODE_7BIT 7
#define MODE_8BIT 8