diff options
author | Pablo Neira Ayuso <pablo@gnumonks.org> | 2011-04-11 16:32:50 +0200 |
---|---|---|
committer | Harald Welte <laforge@gnumonks.org> | 2011-04-12 21:50:46 +0200 |
commit | ca05d432d71cd940e6da9af1930096aaab47f897 (patch) | |
tree | 94877c0c490939ebf71f390e98b7933ec22d046c /openbsc/src/osmo-bsc_nat/bsc_nat.c | |
parent | 0d20b635749dea8f056245f283ce571e65d8c2c7 (diff) |
src: more robust ipaccess_idtag_parse()
Now ipaccess_idtag_parse() returns -EINVAL instead of -1. We also
check for the return value of this function in every invocation to
skip further processing in case of messages with malformed TLVs.
This idea was suggested by Zecke.
Diffstat (limited to 'openbsc/src/osmo-bsc_nat/bsc_nat.c')
-rw-r--r-- | openbsc/src/osmo-bsc_nat/bsc_nat.c | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/openbsc/src/osmo-bsc_nat/bsc_nat.c b/openbsc/src/osmo-bsc_nat/bsc_nat.c index 75862941a..8c164a270 100644 --- a/openbsc/src/osmo-bsc_nat/bsc_nat.c +++ b/openbsc/src/osmo-bsc_nat/bsc_nat.c @@ -1019,9 +1019,15 @@ exit: /* do we know who is handling this? */ if (msg->l2h[0] == IPAC_MSGT_ID_RESP) { struct tlv_parsed tvp; - ipaccess_idtag_parse(&tvp, + int ret; + ret = ipaccess_idtag_parse(&tvp, (unsigned char *) msg->l2h + 2, msgb_l2len(msg) - 2); + if (ret < 0) { + LOGP(DNAT, LOGL_ERROR, "ignoring IPA response " + "message with malformed TLVs\n"); + return ret; + } if (TLVP_PRESENT(&tvp, IPAC_IDTAG_UNITNAME)) ipaccess_auth_bsc(&tvp, bsc); } |