From dce814f71cf29b6b7e4ddcb64bcc45dfebff445f Mon Sep 17 00:00:00 2001 From: Neels Hofmeyr Date: Mon, 19 Oct 2015 13:07:40 +0200 Subject: gtpie_gettlv(): fix return value on specific error. Make gtpie_gettlv() return an error if gtpie_getie() returned an error. Previously, openggsn would fail to complain about certain missing elements. Technically, a missing IE could be detectable from the *length value, but the code in gtp.c relies on the return value to detect missing elements, which did not work prior to this commit. For example: if (gtpie_gettlv(ie, GTPIE_EUA, 0, &pdp->eua.l, &pdp->eua.v, sizeof(pdp->eua.v))) { gsn->missing++; GTP_LOGPKG(LOGL_ERROR, peer, pack, len, "Missing mandatory information field\n"); return gtp_create_pdp_resp(gsn, version, pdp, GTPCAUSE_MAN_IE_MISSING); } If an EUA were missing in this code path, openggsn would fail to issue an error message. Since pdp and hence pdp->eua.l is initialized as all-zero, it would probably not do much harm besides failing to issue an error. I haven't checked all callers though. --- gtp/gtpie.c | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) (limited to 'gtp/gtpie.c') diff --git a/gtp/gtpie.c b/gtp/gtpie.c index d70db6a..bbb9537 100644 --- a/gtp/gtpie.c +++ b/gtp/gtpie.c @@ -135,13 +135,14 @@ int gtpie_gettlv(union gtpie_member *ie[], int type, int instance, { int ien; ien = gtpie_getie(ie, type, instance); - if (ien >= 0) { - *length = ntoh16(ie[ien]->tlv.l); - if (*length <= size) - memcpy(dst, ie[ien]->tlv.v, *length); - else - return EOF; - } + if (ien < 0) + return EOF; + + *length = ntoh16(ie[ien]->tlv.l); + if (*length > size) + return EOF; + + memcpy(dst, ie[ien]->tlv.v, *length); return 0; } -- cgit v1.2.3