cellular-infrastructure
/
osmo-msc
mirror of https://gerrit.osmocom.org/osmo-msc
9
0
Fork 0
Code Issues Releases Wiki Activity
osmo-msc/include/osmocom/msc
History
Neels Hofmeyr fa10eda6d7 vlr_ciph_result: fix use after free of imeisv 
Define the struct vlr_ciph_result member .imeisv not as a char* but a char[] of
appropriate length, to avoid the need to point to external memory.

Thus fix a use-after-free in msc_cipher_mode_compl(), which defined the
imeisv[] buffer in a sub-scope within that function, so that the .imeisv
pointer was already invalid when fed to vlr_subscr_rx_ciph_res().

Did you notice that the commit summary rhymes?

Closes: OS#3053
Change-Id: I90cfb952a7dec6d104200872164ebadb25d0260d
 		2018-03-13 01:29:04 +01:00
..
Makefile.am remove bsc_api.h and all users - they're all dead code 2018-02-14 00:28:02 +01:00
a_iface.h Introduce new BSSAP logging category/subsystem 2018-02-09 02:22:22 +01:00
a_iface_bssap.h Don't answer to BSC-originated RESET with another RESET 2018-02-09 02:20:51 +01:00
a_reset.h a_reset: Add additional "a_reset_alloc" argument 2018-02-09 02:20:51 +01:00
common.h rename include/openbsc to include/osmocom/msc 2017-09-06 16:41:25 +02:00
common_cs.h cosmetic: gsm_network_init(): imply default 001-01 PLMN 2018-02-27 13:01:42 +01:00
db.h Delete expired SMS automatically. 2018-01-25 20:30:40 +00:00
debug.h Introduce new BSSAP logging category/subsystem 2018-02-09 02:22:22 +01:00
gsm_04_08.h dead code removal 2018-02-14 00:28:07 +01:00
gsm_04_11.h rename include/openbsc to include/osmocom/msc 2017-09-06 16:41:25 +02:00
gsm_04_14.h rename include/openbsc to include/osmocom/msc 2017-09-06 16:41:25 +02:00
gsm_04_80.h msc/gsm_04_80.h: use '#pragma once' instead of includes 2018-01-10 22:17:37 +06:00
gsm_data.h implement support for 3-digit MNC with leading zeros 2018-02-28 19:30:14 +01:00
gsm_data_shared.h remove dead code (gsm_parse_reg) 2018-02-14 09:04:56 +01:00
gsm_subscriber.h Massive removal of unused code/structs/headers 2018-01-25 00:18:05 +01:00
gsup_client.h Change GSUP re-connect interval to 1s 2018-01-28 00:14:25 +00:00
iu_dummy.h rename include/openbsc to include/osmocom/msc 2017-09-06 16:41:25 +02:00
iucs.h iucs: Add a function to return the connection ID for the IU SCCP conn 2018-02-16 08:09:32 +00:00
iucs_ranap.h rename include/openbsc to include/osmocom/msc 2017-09-06 16:41:25 +02:00
mncc.h MNCC: Add input validation 2018-01-23 17:03:05 +00:00
mncc_int.h rename include/openbsc to include/osmocom/msc 2017-09-06 16:41:25 +02:00
msc_ifaces.h mgcp: use osmo-mgw to switch rtp streams 2018-02-05 22:28:43 +00:00
msc_mgcp.h mgcp: use osmo-mgw to switch rtp streams 2018-02-05 22:28:43 +00:00
oap_client.h rename include/openbsc to include/osmocom/msc 2017-09-06 16:41:25 +02:00
openbscdefines.h rename include/openbsc to include/osmocom/msc 2017-09-06 16:41:25 +02:00
osmo_msc.h libmsc: Add a function to return a unique ID of the subscriber conn 2018-02-16 08:09:33 +00:00
rrlp.h rename include/openbsc to include/osmocom/msc 2017-09-06 16:41:25 +02:00
signal.h signal.h: Remove unused/dead signal definitions 2018-01-25 00:38:08 +01:00
silent_call.h rename include/openbsc to include/osmocom/msc 2017-09-06 16:41:25 +02:00
smpp.h rename include/openbsc to include/osmocom/msc 2017-09-06 16:41:25 +02:00
sms_queue.h Add a VTY command which deletes all expired SMS. 2018-01-25 16:16:15 +00:00
transaction.h rename include/openbsc to include/osmocom/msc 2017-09-06 16:41:25 +02:00
ussd.h rename include/openbsc to include/osmocom/msc 2017-09-06 16:41:25 +02:00
vlr.h vlr_ciph_result: fix use after free of imeisv 2018-03-13 01:29:04 +01:00
vty.h Massive removal of unused code/structs/headers 2018-01-25 00:18:05 +01:00