The 7bit<->8bit encoding/decoding functions didn't check whether
there is still enough space in the destination buffer. Therefore a
buffer size parameter has been added to each of the functions which
is used to truncate the output if the buffer is too small.
In addition, the return value of the decoding functions has been
changed to number of characters written (excluding \0), so this
value is always equal to strlen(decoded).
The old functions are still available as wrapper functions.
if (ptr)
msgb_free(ptr)
extends to:
if (ptr)
talloc_free(ptr)
And according to the talloc documentation a talloc_free(NULL)
will not crash: "... Likewise, if "ptr" is NULL, then the function
will make no modifications and returns -1."
Renamed gsm_7bit_ussd() to test_7bit_ussd() and extended the function
to take the expected binary encoding and eventually added trailing
bytes in the re-decoded text as arguments. These are used to check
assertions of the right behaviour instead of solely relying on
regression data, because the value are determined by the spec and
fixed and it is more obvious this way. Especially concerning the case
with the duplicated \r which can easily be overlooked when it's only
present in the ok file.
Handling 7-bit coding is a little different for USSD, as TS 03.38
states:
To avoid the situation where the receiving entity confuses 7 binary
zero pad bits as the @ character, the carriage return or <CR>
character shall be used for padding in this situation [...].
If <CR> is intended to be the last character and the message
(including the wanted <CR>) ends on an octet boundary, then another
<CR> must be added together with a padding bit 0. The receiving entity
will perform the carriage return function twice, but this will not
result in misoperation as the definition of <CR> [...] is identical to
the definition of <CR><CR>.
The receiving entity shall remove the final <CR> character where the
message ends on an octet boundary with <CR> as the last character.
Jacob has verified the fix with fakeBTS and the wireshark dissector.
Fixes: OW#947
Reviewed-by: Jacob Erlbeck <jerlbeck@sysmocom.de>
Compiled with ubuntu 1204 (precise), where -Wformat-security is enabled by
-Wall.
Test yields ok, but the current implementation doesn't properly support
multi-character separators and end strings. So the test output is truncated.
Addresses:
utils.c: In function 'vty_cmd_string_from_valstr':
utils.c:84:2: warning: format not a string literal and no format arguments [-Wformat-security]
utils.c:84:2: warning: format not a string literal and no format arguments [-Wformat-security]
utils.c:108:2: warning: format not a string literal and no format arguments [-Wformat-security]
utils.c:108:2: warning: format not a string literal and no format arguments [-Wformat-security]
osmo-auc-gen.c:217:3: warning: implicit declaration of function ‘time’ [-Wimplicit-function-declaration]
osmo-auc-gen.c:249:3: warning: format ‘%lu’ expects argument of type ‘long unsigned int’, but argument 2 has type ‘uint64_t’ [-Wformat]
Fixes: Coverity CID 1040668
The code most likely wanted to check the result of argv_concat.
To do this we need to dereference the dptr.
Logically dead code (DEADCODE)
dead_error_line: Execution cannot reach this statement "return 1;
Fixes: Coverity CID 1040675
lapdm.c takes the re-establishment message and forwards it to lapd_core.c,
so we can assume that msgb is set at primitive. In case there is data in
the re-establishment msg, it is moved into send_buffer. In case of no
data (0 length), it must be freed.
Fixes an issue spotted by Coverity Scan.
This reverts commit f996b05dbd
and 2b0cac4ef8. A detailed
explanation can be found here:
http://lists.osmocom.org/pipermail/openbsc/2013-July/004737.html
The short description is that:
1.) The API should return (as out parameter) the number of
octets used.
2.) The handling for the <CR> encoding only applies to USSD
and it is incomplete. On top of that it broke the SMS test.
To avoid the situation where the receiving entity confuses 7 binary zero pad
bits as the @ character, the carriage return or <CR> character shall be used
for padding in this situation.
If the datalink fails or if handover or assignment to a new channel fails,
it is re-establised by sending SABM again. The length of establish message
is 0 in this case. The length is used to differentiate between
re-establishment and contention resolution, which has to be handled
differently.
See TS 04.06 Chapter 5.4.2.1
In order to control layer 1 via primitives, MPH primitives are required.
There is only one (MPH-INFO) primitive defined in TS 04.04 for all control
and measurement functions. A type identifier inside this primitive is used
to differentiate between different functions.
The TCH primitives are used to carry traffic. TCH primitives carry voice
or data traffic, whereas PH-DATA primitives carry FACCH data.
PH_RTS and TCH_RTS (ready-to-send) primitives are used to poll requests
from upper layers.
It is impossible that the snprintf will fill the entire namebuf
but just follow the idiom to make sure it is null terminated.
Related: Coverity CID 1040676
These routines were not freeing vectors used for the lookup. On
review it is fixing another path not detected by coverity.
The danger is a double free in tab completion now. It is difficult
to test this.
Fixes: Coverity CID 23037, CID 23038
The &buf[3] is unlikely to be aligned properly. Use memcpy instead
of an assignment. Add a small testcase that verifies that I didn't
mess up the conversion.
Alignment trap: osmo-nitb (3293) PC=0x492b7094 Instr=0xe5803003 Address=0xbeb259db FSR 0x801
This already came up during review but now that Coverity complains
about it as well, let us just remove it. The variable is unsigned
so it can never be < 0.
Fixes: Coverity CID 1040669.
The modified macro is still working on a gcc 4.7 and gcc 4.8 after the
removal of the typedef and addition of the unused attribute.
include/osmocom/core/msgb.h: In function ‘msgb_alloc_headroom’:
include/osmocom/core/utils.h:40:51: warning: typedef ‘dummyheadroom_bigger’ locally defined but not used [-Wunused-local-typedefs]
#define osmo_static_assert(exp, name) typedef int dummy##name [(exp) ? 1 : -1];
^
include/osmocom/core/msgb.h:386:2: note: in expansion of macro ‘osmo_static_assert’
osmo_static_assert(size > headroom, headroom_bigger);
^
If the BTS tells us to not send any data at all anymore (bucket leak
rate of 0 bits per second), then we should respect this and not run into
a divide-by-zero. However, as this indicates complete overload, we
print a log message to that regard.
On Ubuntu 13.04 the build was failing on the OBS with:
/usr/bin/ld: fr_test.o: undefined reference to symbol 'dlsym@@GLIBC_2.2.5'
/usr/bin/ld: note: 'dlsym@@GLIBC_2.2.5' is defined in DSO /lib/x86_64-linux-gnu/libdl.so.2 so try adding it to the linker command line
/lib/x86_64-linux-gnu/libdl.so.2: could not read symbols: Invalid operation
collect2: error: ld returned 1 exit status
The issue about the wrong padding has been found when creating the
testcase in commit 15f740caa3 but the
patch to fix that was never proposed by inclusion by its author.
The issue about about the establish confirm carrying data with
a wrong size is still present.
When a SABM(E) frame arrives, we have to trim the L2 padding (0x2b for
gsm) before handing the data off to L3, just like we do with I frames.
Also, we should use mggb_trim() or even msgb_l3trim() instead of
manually fiddling with msgb->length and ->tail pointers.