[gprs] correctly calculate the length of the BSSGP PDUs
diff --git a/openbsc/include/openbsc/gsm_data.h b/openbsc/include/openbsc/gsm_data.h
index ac04265..03794c2 100644
--- a/openbsc/include/openbsc/gsm_data.h
+++ b/openbsc/include/openbsc/gsm_data.h
@@ -100,6 +100,7 @@
#define msgb_bvci(__x) OBSC_MSGB_CB(__x)->bvci
#define msgb_gmmh(__x) (__x)->l3h
#define msgb_bssgph(__x) OBSC_MSGB_CB(__x)->bssgph
+#define msgb_bssgp_len(__x) ((__x)->tail - (uint8_t *)msgb_bssgph(__x))
#define msgb_bcid(__x) OBSC_MSGB_CB(__x)->bssgp_cell_id
#define msgb_llch(__x) OBSC_MSGB_CB(__x)->llch
diff --git a/openbsc/src/gprs_bssgp.c b/openbsc/src/gprs_bssgp.c
index aceedb5..554738b 100644
--- a/openbsc/src/gprs_bssgp.c
+++ b/openbsc/src/gprs_bssgp.c
@@ -200,7 +200,7 @@
}
if (orig_msg)
msgb_tvlv_put(msg, BSSGP_IE_PDU_IN_ERROR,
- msgb_l3len(orig_msg), msgb_bssgph(orig_msg));
+ msgb_bssgp_len(orig_msg), msgb_bssgph(orig_msg));
return gprs_ns_sendmsg(bssgp_nsi, msg);
}
@@ -257,7 +257,7 @@
static int bssgp_rx_ul_ud(struct msgb *msg)
{
struct bssgp_ud_hdr *budh = (struct bssgp_ud_hdr *) msgb_bssgph(msg);
- int data_len = msgb_l3len(msg) - sizeof(*budh);
+ int data_len = msgb_bssgp_len(msg) - sizeof(*budh);
struct tlv_parsed tp;
int rc;
@@ -285,7 +285,7 @@
{
struct bssgp_normal_hdr *bgph =
(struct bssgp_normal_hdr *) msgb_bssgph(msg);
- int data_len = msgb_l3len(msg) - sizeof(*bgph);
+ int data_len = msgb_bssgp_len(msg) - sizeof(*bgph);
struct tlv_parsed tp;
int rc;
@@ -307,7 +307,7 @@
{
struct bssgp_normal_hdr *bgph =
(struct bssgp_normal_hdr *) msgb_bssgph(msg);
- int data_len = msgb_l3len(msg) - sizeof(*bgph);
+ int data_len = msgb_bssgp_len(msg) - sizeof(*bgph);
struct tlv_parsed tp;
int rc;
@@ -352,7 +352,7 @@
(struct bssgp_normal_hdr *) msgb_bssgph(msg);
struct tlv_parsed tp;
uint8_t pdu_type = bgph->pdu_type;
- int data_len = msgb_l3len(msg) - sizeof(*bgph);
+ int data_len = msgb_bssgp_len(msg) - sizeof(*bgph);
uint16_t bvci; /* PTP BVCI */
uint16_t ns_bvci = msgb_bvci(msg);
int rc = 0;