summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--src/gb/gprs_bssgp.c2
-rw-r--r--src/gb/gprs_bssgp_bss.c1
2 files changed, 3 insertions, 0 deletions
diff --git a/src/gb/gprs_bssgp.c b/src/gb/gprs_bssgp.c
index 896f1c5a..38794c28 100644
--- a/src/gb/gprs_bssgp.c
+++ b/src/gb/gprs_bssgp.c
@@ -1178,6 +1178,7 @@ int bssgp_tx_dl_ud(struct msgb *msg, uint16_t pdu_lifetime,
#pragma GCC diagnostic push
#pragma GCC diagnostic ignored "-Warray-bounds"
int imsi_len = gsm48_generate_mid_from_imsi(mi, dup->imsi);
+ OSMO_ASSERT(imsi_len <= GSM48_MID_MAX_SIZE);
if (imsi_len > 2)
msgb_tvlv_push(msg, BSSGP_IE_IMSI,
imsi_len-2, mi+2);
@@ -1247,6 +1248,7 @@ int bssgp_tx_paging(uint16_t nsei, uint16_t ns_bvci,
* mi[131], which is wrong */
#pragma GCC diagnostic push
#pragma GCC diagnostic ignored "-Warray-bounds"
+ OSMO_ASSERT(imsi_len <= GSM48_MID_MAX_SIZE);
msgb_tvlv_put(msg, BSSGP_IE_IMSI, imsi_len-2, mi+2);
#pragma GCC diagnostic pop
/* DRX Parameters */
diff --git a/src/gb/gprs_bssgp_bss.c b/src/gb/gprs_bssgp_bss.c
index f06c403f..5c9d11cc 100644
--- a/src/gb/gprs_bssgp_bss.c
+++ b/src/gb/gprs_bssgp_bss.c
@@ -189,6 +189,7 @@ int bssgp_tx_radio_status_imsi(struct bssgp_bvc_ctx *bctx, uint8_t cause,
* mi[131], which is wrong */
#pragma GCC diagnostic push
#pragma GCC diagnostic ignored "-Warray-bounds"
+ OSMO_ASSERT(imsi_len <= GSM48_MID_MAX_SIZE);
/* strip the MI type and length values (2 bytes) */
if (imsi_len > 2)
msgb_tvlv_put(msg, BSSGP_IE_IMSI, imsi_len-2, mi+2);
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-03 07:34:53 +0000