Gitiles
Code Review Sign In
gerrit.osmocom.org / osmo-msc / 444771dae23f05294207983f723d3c8f17199f76
commit444771dae23f05294207983f723d3c8f17199f76[log] [tgz]
authorVadim Yanitskiy <axilirator@gmail.com>Sat May 11 04:46:24 2019 +0700
committerHarald Welte <laforge@gnumonks.org>Mon May 13 20:15:04 2019 +0000
tree565302a40366c38c441ac77c8a6cb9eb8da8d47e
parent18e8b39fcde77832382372ecbd98de955a132f7d [diff]
libmsc/ran_msg_a.c: prevent chosen_encryption->key buffer overrun

In ran_a_make_handover_request() we do prevent destination buffer
(r.encryption_information.key) overflow, but not source buffer
(n->geran.chosen_encryption->key) overrun if an incorrect key
length is received. Let's fix this.

Change-Id: I278bb72660634c2d535e1bd3d7fce5696da23575
Fixes: CID#198450 Out-of-bounds access
1 file changed
tree: 565302a40366c38c441ac77c8a6cb9eb8da8d47e
  1. contrib/
  2. debian/
  3. doc/
  4. include/
  5. m4/
  6. src/
  7. tests/
  8. .gitignore
  9. .gitreview
  10. .mailmap
  11. AUTHORS
  12. configure.ac
  13. COPYING
  14. git-version-gen
  15. Makefile.am
  16. osmoappdesc.py
  17. README
  18. README.vty-tests