diff options
-rw-r--r-- | include/openbsc/gprs_sgsn.h | 4 | ||||
-rw-r--r-- | src/gprs/gprs_gmm.c | 2 |
2 files changed, 3 insertions, 3 deletions
diff --git a/include/openbsc/gprs_sgsn.h b/include/openbsc/gprs_sgsn.h index b470c536c..0aed77735 100644 --- a/include/openbsc/gprs_sgsn.h +++ b/include/openbsc/gprs_sgsn.h @@ -50,7 +50,7 @@ enum gprs_t3350_mode { GMM_T3350_MODE_PTMSI_REALL, }; -#define MS_RADIO_ACCESS_CAPA +#define MS_RADIO_ACCESS_CAPA_MAX_LENGTH 255 /* According to TS 03.60, Table 5: SGSN MM and PDP Contexts */ /* Extended by 3GPP TS 23.060, Table 6: SGSN MM and PDP Contexts */ @@ -78,7 +78,7 @@ struct sgsn_mm_ctx { /* CKSN */ enum gprs_ciph_algo ciph_algo; struct { - uint8_t buf[14]; /* 10.5.5.12a */ + uint8_t buf[MS_RADIO_ACCESS_CAPA_MAX_LENGTH]; /* 10.5.5.12a */ uint8_t len; } ms_radio_access_capa; struct { diff --git a/src/gprs/gprs_gmm.c b/src/gprs/gprs_gmm.c index 0730388eb..40733b102 100644 --- a/src/gprs/gprs_gmm.c +++ b/src/gprs/gprs_gmm.c @@ -675,7 +675,7 @@ static int gsm48_rx_gmm_att_req(struct sgsn_mm_ctx *ctx, struct msgb *msg, /* MS Radio Access Capability 10.5.5.12a */ ms_ra_acc_cap_len = *cur++; ms_ra_acc_cap = cur; - if (ms_ra_acc_cap_len > 51) + if (ms_ra_acc_cap_len > MS_RADIO_ACCESS_CAPA_MAX_LENGTH) goto err_inval; /* Optional: Old P-TMSI Signature, Requested READY timer, TMSI Status */ |