From 186f87826608fe43060f446ae6d171cd7c56d27b Mon Sep 17 00:00:00 2001 From: Oliver Smith Date: Thu, 6 Jun 2019 16:11:32 +0200 Subject: gsm48_decode_bcd_number2: fix ENOSPC edge case Return ENOSPC if the decoding buffer is one byte too small, instead of returning 0 and silently truncating the string. Add a new "truncated" variable to detect if the loop breaks in the final iteration. The string is not truncated if there is exactly one 0xf ('\0') higher nibble remaining. This is covered by the existing test case "long 15-digit (maximum) MSISDN, limited buffer". Related: OS#4049 Change-Id: Ie05900aca50cc7fe8a45d17844dbfcd905fd82fe --- tests/gsm0408/gsm0408_test.c | 11 +++++++++++ tests/gsm0408/gsm0408_test.ok | 4 ++++ 2 files changed, 15 insertions(+) (limited to 'tests') diff --git a/tests/gsm0408/gsm0408_test.c b/tests/gsm0408/gsm0408_test.c index b5f80614..db1d45ad 100644 --- a/tests/gsm0408/gsm0408_test.c +++ b/tests/gsm0408/gsm0408_test.c @@ -727,6 +727,17 @@ static const struct bcd_number_test { .dec_ascii = "(none)", .dec_rc = -EIO, }, + { + .test_name = "decoding buffer is one byte too small (OS#4049)", + + /* Decoding test */ + .dec_hex = "022143", /* "1234" */ + .dec_ascii = "123", /* '4' was truncated */ + .dec_rc = -ENOSPC, + + /* Buffer length limitations */ + .dec_buf_lim = 4, + }, }; static void test_bcd_number_encode_decode() diff --git a/tests/gsm0408/gsm0408_test.ok b/tests/gsm0408/gsm0408_test.ok index 844c2018..d343869f 100644 --- a/tests/gsm0408/gsm0408_test.ok +++ b/tests/gsm0408/gsm0408_test.ok @@ -186,6 +186,10 @@ BSD number encoding / decoding test - Decoding HEX (buffer limit=0) ''... - Expected: (rc=-5) '(none)' - Actual: (rc=-5) '(none)' +- Running test: decoding buffer is one byte too small (OS#4049) + - Decoding HEX (buffer limit=4) '022143'... + - Expected: (rc=-28) '123' + - Actual: (rc=-28) '123' Constructed RA: 077-121-666-5 -- cgit v1.2.3