phone-side
/
osmo-qcdiag
9
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

diag_read_msg(): Discard any messages shorter than 3 bytes 

The 16bit CRC and the FLAG octet together are 3 bytes.  If a message is
shorter than that, something is going wrong, for sure.
This commit is contained in:
Harald Welte 2017-01-07 16:27:50 +01:00
parent 4ae0936123
commit a115fbb1bb
1 changed files with 6 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
src/diag_io.c
View File

@ -123,6 +123,12 @@ struct msgb *diag_read_msg(struct diag_instance *di)
if (rc == HDLC_COMPLETE) {
di->rx.msg = NULL;
if (msgb_length(msg) < 3) {
msgb_free(msg);
return NULL;
}
rc = crc_check(msgb_data(msg), msgb_length(msg));
if (rc) {
fprintf(stderr, "Bad CRC, dropping packet\n");