diff options
author | Vadim Yanitskiy <vyanitskiy@sysmocom.de> | 2021-06-09 01:46:48 +0200 |
---|---|---|
committer | Vadim Yanitskiy <vyanitskiy@sysmocom.de> | 2021-06-09 22:51:07 +0200 |
commit | 825716851ec2e021505dc7f77d33956ea27ba802 (patch) | |
tree | 37efb3ef70e9da61421ebbeae6d648a26bcef7fd | |
parent | c3c57d888e490b82a9cc51bd9948ae3ff7449d95 (diff) |
host/layer23/ccch_scan: skip CCCH frames with wrong length
It's not clear why do we get frames with unexpected length, but
we definitely should not crash. Just log and ignore them.
Change-Id: I85392becbffdb3ba7365decfd8f3769abe3c02c7
Related: OS#5171
-rw-r--r-- | src/host/layer23/src/misc/app_ccch_scan.c | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/src/host/layer23/src/misc/app_ccch_scan.c b/src/host/layer23/src/misc/app_ccch_scan.c index be2d9aea..e5a184f1 100644 --- a/src/host/layer23/src/misc/app_ccch_scan.c +++ b/src/host/layer23/src/misc/app_ccch_scan.c @@ -409,6 +409,13 @@ int gsm48_rx_ccch(struct msgb *msg, struct osmocom_ms *ms) struct gsm48_system_information_type_header *sih = msgb_l3(msg); int rc = 0; + /* Skip frames with wrong length */ + if (msgb_l3len(msg) != GSM_MACBLOCK_LEN) { + LOGP(DRR, LOGL_ERROR, "Rx CCCH message with odd length=%u: %s\n", + msgb_l3len(msg), msgb_hexdump_l3(msg)); + return -EINVAL; + } + /* Skip dummy (fill) frames */ if (is_fill_frame(msg)) return 0; |