From f2210030440d71a56940e02822532977609a1d05 Mon Sep 17 00:00:00 2001 From: Harald Welte Date: Sat, 31 Aug 2019 21:25:05 +0200 Subject: cbsp: Fix endless loop iteration when decoding cell list IEs The CBSP code assumed that gsm0808_decode_cell_id_u() would return the number of bytes it has consumed/parsed. But it actually always returns '0', whcih makes us run in an endless loop :( Change-Id: I5758af4ec11a827d4b888a3a16c4ec22de90a7d6 --- include/osmocom/gsm/gsm0808_utils.h | 1 + 1 file changed, 1 insertion(+) (limited to 'include/osmocom') diff --git a/include/osmocom/gsm/gsm0808_utils.h b/include/osmocom/gsm/gsm0808_utils.h index 76db2b6d..ccdf5ed9 100644 --- a/include/osmocom/gsm/gsm0808_utils.h +++ b/include/osmocom/gsm/gsm0808_utils.h @@ -95,6 +95,7 @@ void gsm0808_cell_id_from_cgi(struct gsm0808_cell_id *cid, enum CELL_IDENT id_di int gsm0808_cell_id_to_cgi(struct osmo_cell_global_id *cgi, const struct gsm0808_cell_id *cid); void gsm0808_msgb_put_cell_id_u(struct msgb *msg, enum CELL_IDENT id_discr, const union gsm0808_cell_id_u *u); int gsm0808_decode_cell_id_u(union gsm0808_cell_id_u *out, enum CELL_IDENT discr, const uint8_t *buf, unsigned int len); +int gsm0808_cell_id_size(enum CELL_IDENT discr); uint8_t gsm0808_enc_cause(struct msgb *msg, uint16_t cause); uint8_t gsm0808_enc_aoip_trasp_addr(struct msgb *msg, -- cgit v1.2.3