From 1fa78567e4e1963a28711b9b47111b840b50cfdb Mon Sep 17 00:00:00 2001
From: Harald Welte <laforge@gnumonks.org>
Date: Sat, 26 Nov 2016 10:14:53 +0100
Subject: osmo_gsup_encode(): Make coverity happy by invariant checking

gsm48_encode_bcd_number() can theoretically return a length in excess of
the size of the bcd_buf, but only in case an overly-long IMSI is passed
into the function (which would be illegal in the first place).

Change-Id: If3dc68ee13ff784b487bbc686b777cec9057d537
Fixes: Coverity CID 135216
---
 src/gsm/gsup.c | 1 +
 1 file changed, 1 insertion(+)

(limited to 'src')

diff --git a/src/gsm/gsup.c b/src/gsm/gsup.c
index d6b49753..c90244aa 100644
--- a/src/gsm/gsup.c
+++ b/src/gsm/gsup.c
@@ -442,6 +442,7 @@ void osmo_gsup_encode(struct msgb *msg, const struct osmo_gsup_message *gsup_msg
 					  gsup_msg->imsi);
 
 	OSMO_ASSERT(bcd_len > 1);
+	OSMO_ASSERT(bcd_len <= sizeof(bcd_buf));
 
 	/* Note that gsm48_encode_bcd_number puts the length into the first
 	 * octet. Since msgb_tlv_put will add this length byte, we'll have to
-- 
cgit v1.2.3