Paranoid buffer overflow checking improvements.
diff --git a/gtp/gtp.c b/gtp/gtp.c
index e00168c..d1b8cca 100644
--- a/gtp/gtp.c
+++ b/gtp/gtp.c
@@ -193,6 +193,7 @@
inet_ntoa(peer->sin_addr),
ntohs(peer->sin_port),
len);
+ buf[size-1] = 0;
pos = strlen(buf);
for(n=0; n<len; n++) {
if ((pos+4)<size) {
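Review bot: The added `buf[size-1] = 0;` indexes out of bounds if `size` is ever 0, and with an unsigned `size` the index wraps to a very large value. Write it as `if (size > 0) buf[size-1] = 0;` or reject a zero size before the snprintf, since the `strlen(buf)` that follows makes the same assumption. On a C99-conforming libc, snprintf and vsnprintf already terminate within the given size, so this line and the matching `buf[ERRMSG_SIZE-1] = 0;` and `buf2[ERRMSG_SIZE-1] = 0;` in the @@ -211 and @@ -227 hunks only matter for older implementations. A short comment such as `/* pre-C99 snprintf may not terminate on truncation */` would explain why they are kept. The enclosing function starts and ends outside the hunk, so the type and range of `size` cannot be confirmed from here.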
@@ -211,7 +212,7 @@
va_start(args, fmt);
vsnprintf(buf, ERRMSG_SIZE, fmt, args);
va_end(args);
-
+ buf[ERRMSG_SIZE-1] = 0;
syslog(priority, "%s: %d: %s", filename, linenum, buf);
}
@@ -227,11 +228,13 @@
va_start(args, fmt);
vsnprintf(buf, ERRMSG_SIZE, fmt, args);
va_end(args);
+ buf[ERRMSG_SIZE-1] = 0;
snprintf(buf2, ERRMSG_SIZE, "Packet from %s:%u, length: %d, content:",
inet_ntoa(peer->sin_addr),
ntohs(peer->sin_port),
len);
+ buf2[ERRMSG_SIZE-1] = 0;
pos = strlen(buf2);
for(n=0; n<len; n++) {
if ((pos+4)<ERRMSG_SIZE) {
@@ -1044,9 +1047,12 @@
in_addr2gsna(&pdp->gsnlc, &gsn->gsnc);
in_addr2gsna(&pdp->gsnlu, &gsn->gsnu);
+ if (GTP_DEBUG) printf("gtp_create_pdp_ind: Before pdp_tidget\n");
+
if (!pdp_tidget(&pdp_old, ((union gtp_packet*)pack)->gtp0.h.tid)) {
/* Found old pdp with same tid. Now the voodoo begins! */
/* We check that the APN, selection mode and MSISDN is the same */
+ if (GTP_DEBUG) printf("gtp_create_pdp_ind: Old context found\n");
if ( (pdp->apn_req.l == pdp_old->apn_req.l)
&& (!memcmp(pdp->apn_req.v, pdp_old->apn_req.v, pdp->apn_req.l))
&& (pdp->selmode == pdp_old->selmode)
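Review bot: The traces added here and in the @@ -1058 and @@ -1077 hunks go to stdout through printf, while the error helpers earlier in this file report through syslog. In a daemonized process stdout may be closed or redirected, and its buffering can make traces appear late or out of order relative to the syslog records. Routing them the same way keeps one log stream, for example `if (GTP_DEBUG) syslog(LOG_DEBUG, "gtp_create_pdp_ind: Before pdp_tidget");`. This code appears to run for each create-PDP request received from a peer, so the amount of output is driven by network input. The enclosing function starts and ends outside the hunk.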
@@ -1058,6 +1064,8 @@
* QoS: MS will get originally negotiated QoS.
* End user address (EUA). MS will get old EUA anyway.
* Protocol configuration option (PCO): Only application can verify */
+
+ if (GTP_DEBUG) printf("gtp_create_pdp_ind: Old context found\n");
/* Copy remote flow label */
pdp_old->flru = pdp->flru;
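Review bot: This trace prints the same text, "gtp_create_pdp_ind: Old context found", as the one added in the @@ -1044 hunk, so the two points cannot be told apart in the output. This one appears to be reached only after the APN, selection mode and MSISDN comparison has succeeded; the rest of that condition is outside the hunk. A distinct message such as `if (GTP_DEBUG) printf("gtp_create_pdp_ind: Old context matches, reusing it\n");` would show which branch was taken.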
@@ -1077,10 +1085,13 @@
GTPCAUSE_ACC_REQ);
}
else { /* This is not the same PDP context. Delete the old one. */
+
+ if (GTP_DEBUG) printf("gtp_create_pdp_ind: Deleting old context\n");
if (gsn->cb_delete_context) gsn->cb_delete_context(pdp_old);
pdp_freepdp(pdp_old);
-
+
+ if (GTP_DEBUG) printf("gtp_create_pdp_ind: Deleted...\n");
}
}
diff --git a/gtp/gtp.h b/gtp/gtp.h
index 2a4e57a..191eef1 100644
--- a/gtp/gtp.h
+++ b/gtp/gtp.h
@@ -17,6 +17,8 @@
#ifndef _GTP_H
#define _GTP_H
+#define GTP_DEBUG 1 /* Print debug information */
+
#define GTP0_PORT 3386
#define GTP1C_PORT 2123
#define GTP1U_PORT 2152
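Review bot: `GTP_DEBUG` is defined to 1 unconditionally in the header, so every build that includes gtp.h gets the new traces in gtp.c enabled. A build cannot switch them off with `-DGTP_DEBUG=0` without a macro redefinition diagnostic. If gtp.h is installed for library users, the macro also leaks into their code. Default it to off and make it overridable: `#ifndef GTP_DEBUG` / `#define GTP_DEBUG 0 /* Print debug information */` / `#endif`.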