aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPhilipp Maier <pmaier@sysmocom.de>2020-02-26 12:00:23 +0100
committerlaforge <laforge@osmocom.org>2020-03-04 20:49:13 +0000
commitfde9fdc1d3602b78d2e1ef8e1f9b7cda483976c3 (patch)
treebf17758327a6507c792b1243b8fa3a8dd74e4eec
parent07cdd76ffdd45f9db685ce48ffadbbca820fc2d5 (diff)
osmo-sim-test: check tlv_parsed struct tp before access
The variable struct tlv_parsed tp in dump_file() conditionally initalized by tlv_parse() but later it is accessed under a different condition without a check that makes sure that tp is only accessed when tlv_parse() was called beforehand. Lets introduce a check that makes sure tp can not be accessed when it is uninitalized. Change-Id: I6b0209b966127a4195e6f4bcb43d49387c7646ce Fixes: CID#208435
-rw-r--r--utils/osmo-sim-test.c12
1 files changed, 8 insertions, 4 deletions
diff --git a/utils/osmo-sim-test.c b/utils/osmo-sim-test.c
index d33f1ba4..27de0bcb 100644
--- a/utils/osmo-sim-test.c
+++ b/utils/osmo-sim-test.c
@@ -378,11 +378,15 @@ static int dump_file(struct osim_chan_hdl *chan, uint16_t fid)
}
break;
case EF_TYPE_TRANSP:
- if (!TLVP_PRESENT(&tp, UICC_FCP_T_FILE_SIZE))
+ if (g_class != 0xA0) {
+ if (!TLVP_PRESENT(&tp, UICC_FCP_T_FILE_SIZE))
+ goto out;
+ i = ntohs(*(uint16_t *)TLVP_VAL(&tp, UICC_FCP_T_FILE_SIZE));
+ printf("File size: %d bytes\n", i);
+ } else {
+ printf("Can not determine file size, invalid EF-type!\n");
goto out;
- i = ntohs(*(uint16_t *)TLVP_VAL(&tp, UICC_FCP_T_FILE_SIZE));
- printf("File size: %d bytes\n", i);
-
+ }
for (offset = 0; offset < i-1; ) {
uint16_t remain_len = i - offset;
uint16_t read_len = OSMO_MIN(remain_len, 256);