cellular-infrastructure
/
osmo-pcu
mirror of https://gerrit.osmocom.org/osmo-pcu
9
0
Fork 1
Code Issues Releases Wiki Activity

check bssgp_tlv_parse() return code in gprs_bssgp_pcu_rcvmsg() 

The return code from bssgp_tlv_parse() was not checked for a parsing
error. In case of a parsing error the stored return code could have
been overwritten later in this function.

Explicitly check for a parsing error, log corresponding packets,
and return an "invalid mandatory information" error status to
the sender. To avoid loops, do not respond with an error status
to STATUS PDUs.

Change-Id: I56e10a97cda7fd2d40bc7b4b2e6202f97772e1b3
Related: OS#3178
This commit is contained in:
Stefan Sperling 2018-06-25 12:17:39 +02:00
parent e176a4d047
commit 3df1532e97
1 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
src/gprs_bssgp_pcu.cpp
View File

@ -388,6 +388,13 @@ static int gprs_bssgp_pcu_rcvmsg(struct msgb *msg)
data_len = msgb_bssgp_len(msg) - sizeof(*budh);
rc = bssgp_tlv_parse(&tp, budh->data, data_len);
}
if (rc < 0) {
LOGP(DBSSGP, LOGL_ERROR, "Failed to parse BSSGP %s message. Invalid message was: %s\n",
bssgp_pdu_str(pdu_type), msgb_hexdump(msg));
if (pdu_type != BSSGP_PDUT_STATUS)
return bssgp_tx_status(BSSGP_CAUSE_INV_MAND_INF, NULL, msg);
return rc;
}
if (pdu_type == BSSGP_PDUT_BVC_RESET) {
rc = bssgp_rcvmsg(msg);