fix bug in parse_cell_id_ci_list()

Cell ID lists with CI were misparsed because parse_cell_id_ci_list() failed to report the amount of consumed bytes to its caller. Also add a regression test which uncovered the bug. Change-Id: Ife4e485e2b86c6f3321c9700611700115ad247b2 Depends: If6b941720de33dca66b6b1aa2cb95a3275708b7f Related: OS#2847
2018-03-16 10:23:34 +01:00 · 2018-03-16 10:23:34 +01:00 · 9c62fc69a8
parent 2338145d5b
commit 9c62fc69a8
2 changed files with 36 additions and 1 deletions
--- a/src/gsm/gsm0808_utils.c
+++ b/src/gsm/gsm0808_utils.c
@ -756,7 +756,7 @@ static int parse_cell_id_ci_list(struct gsm0808_cell_id_list2 *cil, const uint8_
 		if (i >= GSM0808_CELL_ID_LIST2_MAXLEN)
 			return -ENOSPC;
 		cil->id_list[i++].ci = osmo_load16be(ci_be++);
-		consumed += elemlen;
+		*consumed += elemlen;
 		remain -= elemlen;
 	}
 	return i;
--- a/tests/gsm0808/gsm0808_test.c
+++ b/tests/gsm0808/gsm0808_test.c
@ -920,6 +920,40 @@ static void test_gsm0808_enc_dec_cell_id_list_multi_lai_and_lac()
 	msgb_free(msg);
 }

+static void test_gsm0808_enc_dec_cell_id_list_multi_ci()
+{
+	struct gsm0808_cell_id_list2 enc_cil;
+	struct gsm0808_cell_id_list2 dec_cil;
+	struct msgb *msg;
+	uint8_t cil_enc_expected[] = { GSM0808_IE_CELL_IDENTIFIER_LIST, 0x09, 0x02,
+		0x00, 0x01,
+		0x00, 0x02,
+		0x00, 0x77,
+		0x01, 0xff,
+	};
+	uint8_t rc_enc;
+	int rc_dec;
+
+	memset(&enc_cil, 0, sizeof(enc_cil));
+	enc_cil.id_discr = CELL_IDENT_CI;
+	enc_cil.id_list[0].ci = 1;
+	enc_cil.id_list[1].ci = 2;
+	enc_cil.id_list[2].ci = 119;
+	enc_cil.id_list[3].ci = 511;
+	enc_cil.id_list_len = 4;
+
+	msg = msgb_alloc(1024, "output buffer");
+	rc_enc = gsm0808_enc_cell_id_list2(msg, &enc_cil);
+	OSMO_ASSERT(rc_enc == sizeof(cil_enc_expected));
+	OSMO_ASSERT(memcmp(cil_enc_expected, msg->data, msg->len) == 0);
+
+	rc_dec = gsm0808_dec_cell_id_list2(&dec_cil, msg->data + 2, msg->len - 2);
+	OSMO_ASSERT(rc_dec == msg->len - 2);
+	OSMO_ASSERT(memcmp(&enc_cil, &dec_cil, sizeof(enc_cil)) == 0);
+
+	msgb_free(msg);
+}
+
 int main(int argc, char **argv)
 {
 	printf("Testing generation of GSM0808 messages\n");
@ -956,6 +990,7 @@ int main(int argc, char **argv)
 	test_gsm0808_enc_dec_cell_id_list_multi_lac();
 	test_gsm0808_enc_dec_cell_id_list_bss();
 	test_gsm0808_enc_dec_cell_id_list_multi_lai_and_lac();
+	test_gsm0808_enc_dec_cell_id_list_multi_ci();

 	printf("Done\n");
 	return EXIT_SUCCESS;