osmocom
/
libosmocore
mirror of https://gerrit.osmocom.org/libosmocore
14
0
Fork 1
Code Issues Releases Wiki Activity
libosmocore/src/gsm
History
Harald Welte 96c61074f5 tlv_parser: Fix various out-of-bounds accesses 
The libosmocore TLV parser had a number of insufficient bounds checks
leading to reads beyond the end of the respective input buffer.

This patch
* adds proper out-of-bounds checks to all TLV types
* simplifies some of the existing checks
* introduces test cases to test all the corner cases
  where either TAG, or length, or value are not fully contained
  in the input buffer.

Thanks to Ilja Van Sprundel for reporting these problems.

Change-Id: I98b02c914c9e3ecf56050af846292aa6979d7508
 		2021-01-12 23:24:12 +01:00
..
milenage add osmo_auth_c3() (separate from gsm_milenage()) 2017-12-18 23:05:24 +00:00
Makefile.am Bump version: 1.3.0.173-51974 → 1.4.0 2020-08-13 11:06:36 +02:00
a5.c Fix/Update copyright notices; Add SPDX annotation 2017-11-13 01:35:12 +09:00
abis_nm.c gsm 12.21: add osmocom specific NM_ATT_OSMO_NS_LINK_CFG 2020-08-06 16:41:20 +00:00
apn.c make all library-internal static buffers thread-local 2019-06-04 10:47:30 +02:00
auth_comp128v1.c Fix/Update copyright notices; Add SPDX annotation 2017-11-13 01:35:12 +09:00
auth_comp128v23.c Fix/Update copyright notices; Add SPDX annotation 2017-11-13 01:35:12 +09:00
auth_core.c Use define for key buffers 2018-12-20 09:51:02 +00:00
auth_milenage.c Fix/Update copyright notices; Add SPDX annotation 2017-11-13 01:35:12 +09:00
auth_xor.c libosmogsm: add support for XOR authentication 2019-11-22 17:39:42 +00:00
bts_features.c bts_features: add feature BTS_FEAT_IPV6_NSVC 2020-07-28 13:58:46 +02:00
cbsp.c cbsp: Fix decoding of WRITE-REPLACE payload 2019-09-01 22:32:24 +02:00
comp128.c Fix/Update copyright notices; Add SPDX annotation 2017-11-13 01:35:12 +09:00
comp128v23.c comp128v23 (minor): update original code site and author 2018-08-04 17:23:23 +02:00
gan.c Fix/Update copyright notices; Add SPDX annotation 2017-11-13 01:35:12 +09:00
gea.c Fix/Update copyright notices; Add SPDX annotation 2017-11-13 01:35:12 +09:00
gprs_cipher_core.c Fix embedded build 2017-12-04 09:40:32 +00:00
gprs_gea.c Fix/Update copyright notices; Add SPDX annotation 2017-11-13 01:35:12 +09:00
gprs_rlc.c Fix/Update copyright notices; Add SPDX annotation 2017-11-13 01:35:12 +09:00
gsm48.c api comment: fix example of osmo_mobile_identity_encode_msgb 2020-06-24 11:31:56 +00:00
gsm48_arfcn_range_encode.c port arfcn range encode support from osmo-bsc 2019-01-12 09:51:05 +00:00
gsm48_ie.c gsm48_decode_bcd_number2: fix ENOSPC edge case 2019-06-07 11:01:51 +02:00
gsm48_rest_octets.c rest_octets: fix encoding of 3G Early Classmark Sending Restriction 2020-05-05 02:03:51 +07:00
gsm0341.c Fix/Update copyright notices; Add SPDX annotation 2017-11-13 01:35:12 +09:00
gsm0411_smc.c gsm0411_{smc,smr}.c: Work around newlib bug 2020-07-30 21:35:10 +02:00
gsm0411_smr.c gsm0411_{smc,smr}.c: Work around newlib bug 2020-07-30 21:35:10 +02:00
gsm0411_utils.c libosmogsm: (re)introduce gsm48_push_l3hdr() 2018-08-05 23:21:43 +07:00
gsm0414.c doxygen: unify use of \file across the board 2017-06-23 00:18:23 +00:00
gsm0480.c 04.80: Deprecate gsm0480_create_ussd_resp() 2019-11-30 12:39:39 +00:00
gsm0502.c libosmogsm: add Doxygen docs for gsm0502_hop_seq_gen() 2020-05-15 17:56:41 +00:00
gsm0808.c fixup for gsm0808_create_common_id(): add API doc, use new MI API 2020-07-14 10:36:17 +00:00
gsm0808_utils.c gsm0808_utils: Add gsm0808_get_cipher_reject_cause() back with a deprecation notice. 2020-05-14 09:02:39 +00:00
gsm23003.c fix isdigit taking unsigned as input 2019-06-13 13:49:30 +00:00
gsm23236.c add gsm23236: MSC pooling: TMSI and NRI utility functions 2020-06-10 14:20:49 +02:00
gsm29118.c Revert "add osmo_mobile_identity API" 2020-06-16 09:21:08 +02:00
gsm29205.c LCLS: add string dump helpers 2019-02-26 09:16:38 +00:00
gsm48049.c gsm/gsm48049.c: fix use of GNU 'missing =' extension in designator 2020-01-21 18:34:04 +07:00
gsm_04_08_gprs.c Fix/Update copyright notices; Add SPDX annotation 2017-11-13 01:35:12 +09:00
gsm_utils.c gsm: gsm_utils: Fix return type of API ms_class_gmsk_dbm() and add unit tests 2019-11-04 12:41:22 +01:00
gsup.c gsup: Introduce OSMO_GSUP_NUM_VECTORS_REQ_IE 2019-12-09 10:54:30 +00:00
gsup_sms.c GSUP/SMS: introduce MO-/MT-FORWARD-SM messages 2018-12-18 21:52:01 +07:00
i460_mux.c i460: Fix bit- and subslots ordering of I.460 mux + demux 2020-08-02 21:57:05 +02:00
ipa.c ipa: Fix ipa_ccm_id_resp_parse on big endian systems 2019-03-28 12:22:36 +00:00
kasumi.c gsm: kasumi: Fix dynamic-stack-buffer-overflow on out buffers not multiple of 64 bits 2018-05-17 12:13:04 +02:00
lapd_core.c lapd_core: After calling into L3, check if the state has changed 2020-07-04 10:52:13 +02:00
lapdm.c lapdm: fix SAPI-0/SAPI-3 frame prioritization on DCCH 2020-08-28 12:52:05 +02:00
libosmogsm.map gsm0808: Add gsm0808_create_common_id() 2020-06-21 22:06:56 +02:00
mncc.c mncc: properly export osmo_mncc_name() 2018-05-24 12:19:45 +02:00
oap.c Fix/Update copyright notices; Add SPDX annotation 2017-11-13 01:35:12 +09:00
oap_client.c oap_client: Fix license: GPLv2+ instead of AGPLv3+ 2019-05-27 23:26:45 +02:00
rsl.c gsm_08_58: add missing RSL error cause codes 2020-07-31 21:23:49 +00:00
rxlev_stat.c Fix/Update copyright notices; Add SPDX annotation 2017-11-13 01:35:12 +09:00
sysinfo.c Fix/Update copyright notices; Add SPDX annotation 2017-11-13 01:35:12 +09:00
tlv_parser.c tlv_parser: Fix various out-of-bounds accesses 2021-01-12 23:24:12 +01:00