xua_msg: Implement xua_msg_dump() using OSMO_STRBUF
This fixes a buffer overflow when a big message (eg containing long unitada, LUDT) is passed. Change-Id: I3f91586a96df2d683865715dabb4d6bc042fb33f
This commit is contained in:
parent
c4c444ec7e
commit
0d7f99fd59
|
@ -511,37 +511,23 @@ int xua_dialect_check_all_mand_ies(const struct xua_dialect *dialect, struct xua
|
|||
return 1;
|
||||
}
|
||||
|
||||
static void append_to_buf(char *buf, bool *comma, const char *fmt, ...)
|
||||
{
|
||||
va_list ap;
|
||||
|
||||
va_start(ap, fmt);
|
||||
if (!comma || *comma == true) {
|
||||
strcat(buf, ",");
|
||||
} else if (comma)
|
||||
*comma = true;
|
||||
vsprintf(buf+strlen(buf), fmt, ap);
|
||||
va_end(ap);
|
||||
}
|
||||
|
||||
char *xua_msg_dump(struct xua_msg *xua, const struct xua_dialect *dialect)
|
||||
{
|
||||
static char buf[1024];
|
||||
struct osmo_strbuf sb = { .buf = buf, .len = sizeof(buf) };
|
||||
struct xua_msg_part *part;
|
||||
const struct xua_msg_class *xmc = NULL;
|
||||
bool comma = false;
|
||||
if (dialect)
|
||||
xmc = dialect->class[xua->hdr.msg_class];
|
||||
|
||||
buf[0] = '\0';
|
||||
|
||||
append_to_buf(buf, &comma, "HDR=(%s,V=%u,LEN=%u)",
|
||||
xua_hdr_dump(xua, dialect),
|
||||
xua->hdr.version, xua->hdr.msg_length);
|
||||
OSMO_STRBUF_PRINTF(sb, "HDR=(%s,V=%u,LEN=%u)", xua_hdr_dump(xua, dialect),
|
||||
xua->hdr.version, xua->hdr.msg_length);
|
||||
|
||||
llist_for_each_entry(part, &xua->headers, entry)
|
||||
append_to_buf(buf, NULL, " PART(T=%s,L=%u,D=%s)",
|
||||
xua_class_iei_name(xmc, part->tag), part->len,
|
||||
osmo_hexdump_nospc(part->dat, part->len));
|
||||
return buf;
|
||||
OSMO_STRBUF_PRINTF(sb, ", PART(T=%s,L=%u,D=%s)",
|
||||
xua_class_iei_name(xmc, part->tag), part->len,
|
||||
osmo_hexdump_nospc(part->dat, part->len));
|
||||
return sb.buf;
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue