author: Vadim Yanitskiy <axilirator@gmail.com> 2018-01-20 04:52:43 +0600
committer: Harald Welte <laforge@gnumonks.org> 2018-01-22 10:35:53 +0000
commit: bd33a9568e0d8e7fca6f4cbbaa224277ed1c3fef (patch)
tree: c7c16937d854a908e7a9f577e972cc55e39bbae6 /src/gsmtap_util.c
parent: 3da793857d78142e3594c67f4405ad19b57e9cd1 (diff)

tests/ussd: prevent uninitialized memory access

Previously an incorrect length value was passed to both
gsm_7bit_decode_n_ussd() and gsm_7bit_encode_n_ussd() functions
during test_7bit_ussd() execution, due to:

  octets_written = strlen(decoded);

The problem is that a 7-bit encoded string takes less memory than
its 8-bit equivalent. So, here strlen() returns a one-byte bigger
value than octets_written is. This then causes the uninitialized
memory access.

Found using Valgrind:

  Conditional jump or move depends on uninitialised value(s)
    at 0x506DCCC: gsm_7bit_decode_n_ussd (gsm_utils.c:248)
    by 0x40134B: test_7bit_ussd (ussd_test.c:104)
    by 0x400F5D: main (ussd_test.c:161)

  Conditional jump or move depends on uninitialised value(s)
    at 0x506DBB7: gsm_7bit_decode_n_hdr (gsm_utils.c:220)
    by 0x506DC9E: gsm_7bit_decode_n_ussd (gsm_utils.c:246)
    by 0x40134B: test_7bit_ussd (ussd_test.c:104)
    by 0x400F5D: main (ussd_test.c:161)

  Conditional jump or move depends on uninitialised value(s)
    at 0x506DBCB: gsm_septet_lookup (gsm_utils.c:153)
    by 0x506DBCB: gsm_7bit_decode_n_hdr (gsm_utils.c:224)
    by 0x506DC9E: gsm_7bit_decode_n_ussd (gsm_utils.c:246)
    by 0x40134B: test_7bit_ussd (ussd_test.c:104)
    by 0x400F5D: main (ussd_test.c:161)

Change-Id: Ic31805b6a5a917dfc6284edba6ffdd21246ac20c

Diffstat (limited to 'src/gsmtap_util.c')
0 files changed, 0 insertions, 0 deletions
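
The length mismatch described in the commit message, as an added example that is not code from this commit or from libosmocore: an 8-character string packs into 7 octets, so using strlen() of the text as the octet count makes a decoder consume one byte the encoder never wrote. The functions pack_7bit, unpack_7bit and chars_from_unwritten are hypothetical, the FILL byte is a constructed stand-in for uninitialized memory, and GSM alphabet mapping and USSD padding are left out.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define FILL 0xAA /* stands in for memory the encoder never wrote */

/* Hypothetical packer, not libosmocore's: 7 bits per character, LSB first.
 * Returns the number of octets written, or -1 if out is too small. */
static int pack_7bit(uint8_t *out, size_t out_len, const char *text)
{
	size_t n = strlen(text), octets = (n * 7 + 7) / 8;
	if (octets > out_len)
		return -1;
	memset(out, 0, octets);
	for (size_t b = 0; b < n * 7; b++)
		if (((unsigned char)text[b / 7] >> (b % 7)) & 1)
			out[b / 8] |= (uint8_t)(1u << (b % 8));
	return (int)octets;
}

/* Decodes every whole septet in `octets` bytes, trusting that length. */
static size_t unpack_7bit(char *text, const uint8_t *in, size_t octets)
{
	size_t septets = octets * 8 / 7;
	memset(text, 0, septets + 1);
	for (size_t b = 0; b < septets * 7; b++)
		if ((in[b / 8] >> (b % 8)) & 1)
			text[b / 7] |= (char)(1 << (b % 7));
	return septets;
}

/* Decodes with strlen(text) as the octet count (the mistake) and returns how
 * many extra characters that produced from never-written bytes; -1 on error. */
static int chars_from_unwritten(const char *text, char *decoded)
{
	uint8_t coded[32];
	memset(coded, FILL, sizeof(coded));
	int written = pack_7bit(coded, sizeof(coded), text);
	if (written < 0 || strlen(text) > sizeof(coded))
		return -1;
	size_t good = unpack_7bit(decoded, coded, (size_t)written);
	return (int)(unpack_7bit(decoded, coded, strlen(text)) - good);
}

int main(void)
{
	char out[40];
	printf("%d extra, \"%s\"\n", chars_from_unwritten("USSD req", out), out);
	return 0;
}
```

With real uninitialized memory the extra character is unpredictable, which is the condition Valgrind flags; the fix is to carry the encoder's returned octet count through to the decoder.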