diff options
| author | Harald Welte <laforge@gnumonks.org> | 2018-09-09 10:00:51 +0200 |
|---|---|---|
| committer | Harald Welte <laforge@gnumonks.org> | 2018-09-17 21:36:59 +0200 |
| commit | 6434ba9f907f6eb2fe8926073a82b0b47ba6efd4 (patch) | |
| tree | 39bc3229a140d0b6154e051fd9a602166b3cfc69 /src | |
| parent | c799c70c59959054f743fd491cba14e9694444c2 (diff) | |
CBCH: sprinkle some OMSO_ASSERT() and guard against talloc failure
Change-Id: I85fdecbf20de83a6f925765a46b5cd14765da03e
Diffstat (limited to 'src')
| -rw-r--r-- | src/common/cbch.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/src/common/cbch.c b/src/common/cbch.c index 7bbe2c95..c628cb5a 100644 --- a/src/common/cbch.c +++ b/src/common/cbch.c @@ -20,6 +20,7 @@ #include <errno.h> +#include <osmocom/core/utils.h> #include <osmocom/core/linuxlist.h> #include <osmocom/gsm/protocol/gsm_04_12.h> @@ -59,6 +60,7 @@ static int get_smscb_block(struct gsm_bts *bts, uint8_t *out) /* No message: Send NULL mesage */ return get_smscb_null_block(out); } + OSMO_ASSERT(msg->next_seg < 4); block_type = (struct gsm412_block_type *) out++; @@ -70,6 +72,7 @@ static int get_smscb_block(struct gsm_bts *bts, uint8_t *out) to_copy = GSM412_MSG_LEN - (msg->next_seg * GSM412_BLOCK_LEN); if (to_copy > GSM412_BLOCK_LEN) to_copy = GSM412_BLOCK_LEN; + OSMO_ASSERT(to_copy >= 0); /* copy data and increment index */ memcpy(out, &msg->msg[msg->next_seg * GSM412_BLOCK_LEN], to_copy); @@ -115,6 +118,8 @@ int bts_process_smscb_cmd(struct gsm_bts *bts, } scm = talloc_zero_size(bts, sizeof(*scm)); + if (!scm) + return -1; /* initialize entire message with default padding */ memset(scm->msg, GSM_MACBLOCK_PADDING, sizeof(scm->msg)); |