From 1ef2621d3f646866c791b454e39ebe9faf2837e1 Mon Sep 17 00:00:00 2001 From: Pau Espin Pedrol Date: Tue, 20 Aug 2019 13:26:14 +0200 Subject: gtp-kernel.c: Fix wrong use of in46a_from_eua, print IPv6 euas in46a_from_eua() API documentation clearly states an array of 2 items should be passed as pointer, but show_one_pdp() was passing only one, which would end up in out-of-bounds writes on v4v6 EUAs. Let's better use ippool to print allocated ip addresses instead of parsing EUAs we sent some point in the past. Change-Id: I7e164f40f50de43027bcd4464aa879450d2fb10e --- lib/gtp-kernel.c | 17 +++++++++++++---- 1 file changed, 13 insertions(+), 4 deletions(-) (limited to 'lib') diff --git a/lib/gtp-kernel.c b/lib/gtp-kernel.c index 48811bc..f6df408 100644 --- a/lib/gtp-kernel.c +++ b/lib/gtp-kernel.c @@ -26,6 +26,8 @@ #include "../lib/tun.h" #include "../lib/syserr.h" +#include "../lib/util.h" +#include "../lib/ippool.h" #include "../gtp/pdp.h" #include "../gtp/gtp.h" @@ -37,16 +39,23 @@ static void pdp_debug(const char *prefix, const char *devname, struct pdp_t *pdp) { - struct in46_addr ia46; + char buf4[INET_ADDRSTRLEN], buf6[INET6_ADDRSTRLEN]; + struct ippoolm_t *peer; struct in_addr ia; - in46a_from_eua(&pdp->eua, &ia46); + buf4[0] = '\0'; + if ((peer = pdp_get_peer_ipv(pdp, false))) + in46a_ntop(&peer->addr, buf4, sizeof(buf4)); + buf6[0] = '\0'; + if ((peer = pdp_get_peer_ipv(pdp, true))) + in46a_ntop(&peer->addr, buf6, sizeof(buf6)); + gsna2in_addr(&ia, &pdp->gsnrc); - LOGPDPX(DGGSN, LOGL_DEBUG, pdp, "%s %s v%u TEID %"PRIx64" EUA=%s SGSN=%s\n", prefix, + LOGPDPX(DGGSN, LOGL_DEBUG, pdp, "%s %s v%u TEID %"PRIx64" EUA=(%s,%s) SGSN=%s\n", prefix, devname, pdp->version, pdp->version == 0 ? pdp_gettid(pdp->imsi, pdp->nsapi) : pdp->teid_gn, - in46a_ntoa(&ia46), inet_ntoa(ia)); + buf4, buf6, inet_ntoa(ia)); } static struct { -- cgit v1.2.3