diff options
author | Philipp Maier <pmaier@sysmocom.de> | 2020-02-26 12:00:23 +0100 |
---|---|---|
committer | laforge <laforge@osmocom.org> | 2020-03-04 20:49:13 +0000 |
commit | fde9fdc1d3602b78d2e1ef8e1f9b7cda483976c3 (patch) | |
tree | bf17758327a6507c792b1243b8fa3a8dd74e4eec /utils | |
parent | 07cdd76ffdd45f9db685ce48ffadbbca820fc2d5 (diff) |
osmo-sim-test: check tlv_parsed struct tp before access
The variable struct tlv_parsed tp in dump_file() conditionally
initalized by tlv_parse() but later it is accessed under a different
condition without a check that makes sure that tp is only accessed when
tlv_parse() was called beforehand. Lets introduce a check that makes
sure tp can not be accessed when it is uninitalized.
Change-Id: I6b0209b966127a4195e6f4bcb43d49387c7646ce
Fixes: CID#208435
Diffstat (limited to 'utils')
-rw-r--r-- | utils/osmo-sim-test.c | 12 |
1 files changed, 8 insertions, 4 deletions
diff --git a/utils/osmo-sim-test.c b/utils/osmo-sim-test.c index d33f1ba4..27de0bcb 100644 --- a/utils/osmo-sim-test.c +++ b/utils/osmo-sim-test.c @@ -378,11 +378,15 @@ static int dump_file(struct osim_chan_hdl *chan, uint16_t fid) } break; case EF_TYPE_TRANSP: - if (!TLVP_PRESENT(&tp, UICC_FCP_T_FILE_SIZE)) + if (g_class != 0xA0) { + if (!TLVP_PRESENT(&tp, UICC_FCP_T_FILE_SIZE)) + goto out; + i = ntohs(*(uint16_t *)TLVP_VAL(&tp, UICC_FCP_T_FILE_SIZE)); + printf("File size: %d bytes\n", i); + } else { + printf("Can not determine file size, invalid EF-type!\n"); goto out; - i = ntohs(*(uint16_t *)TLVP_VAL(&tp, UICC_FCP_T_FILE_SIZE)); - printf("File size: %d bytes\n", i); - + } for (offset = 0; offset < i-1; ) { uint16_t remain_len = i - offset; uint16_t read_len = OSMO_MIN(remain_len, 256); |