diff options
| author | Vadim Yanitskiy <axilirator@gmail.com> | 2019-05-07 04:02:24 +0700 |
|---|---|---|
| committer | Harald Welte <laforge@gnumonks.org> | 2019-05-07 06:30:46 +0000 |
| commit | 13245d98c278612c49e141984c735b52ccc61203 (patch) | |
| tree | 3eebeb03aff008ce12647204a120d12938fc006a | |
| parent | a77798f681afd9fa64e6f026e6e9e9ab41aeea6b (diff) | |
handover_fsm.c: fix: prevent possible buffer overflow
Change-Id: If51f8f82d3b2462cb7d7a531fe4411509344842b
Fixes: CID#197643
| -rw-r--r-- | src/osmo-bsc/handover_fsm.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/src/osmo-bsc/handover_fsm.c b/src/osmo-bsc/handover_fsm.c index 442f7bebb..22618c579 100644 --- a/src/osmo-bsc/handover_fsm.c +++ b/src/osmo-bsc/handover_fsm.c @@ -637,6 +637,7 @@ void handover_start_inter_bsc_in(struct gsm_subscriber_connection *conn, if (req->ei.key_len > sizeof(info.encr.key)) { ho_fail(HO_RESULT_ERROR, "Encryption Information IE key length is too large: %u\n", req->ei.key_len); + return; } memcpy(info.encr.key, req->ei.key, req->ei.key_len); info.encr.key_len = req->ei.key_len; |