From patchwork Fri Jun 27 15:05:48 2014 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Daniel Willmann X-Patchwork-Id: 365000 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from ganesha.gnumonks.org (ganesha.gnumonks.org [IPv6:2001:780:45:1d:225:90ff:fe52:c662]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 332B2140087 for ; Sat, 28 Jun 2014 01:13:06 +1000 (EST) Received: from localhost ([127.0.0.1] helo=ganesha.gnumonks.org) by ganesha.gnumonks.org with esmtp (Exim 4.72) (envelope-from ) id 1X0Xpa-0002Ts-To; Fri, 27 Jun 2014 17:12:51 +0200 Received: from isonoe.totalueberwachung.de ([2a01:198:210:100::1]) by ganesha.gnumonks.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.72) (envelope-from ) id 1X0Xj3-0001hA-DL for openbsc@lists.osmocom.org; Fri, 27 Jun 2014 17:06:07 +0200 Received: from adrastea.totalueberwachung.de (p4FC2BC85.dip0.t-ipconnect.de [79.194.188.133]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by isonoe.totalueberwachung.de (Postfix) with ESMTPSA id E013960061; Fri, 27 Jun 2014 17:06:04 +0200 (CEST) Received: by adrastea.totalueberwachung.de (Postfix, from userid 1000) id 3AFA9220F0; Fri, 27 Jun 2014 17:06:03 +0200 (CEST) From: Daniel Willmann To: OpenBSC Mailing List Subject: [openbsc 2/3] gprs_llc: Prevent llme_alloc/lle_init from reading invalid memory Date: Fri, 27 Jun 2014 17:05:48 +0200 Message-Id: <9ea73a8c1fb0f60c8b36b8f2da24136450bf0460.1403881549.git.daniel@totalueberwachung.de> X-Mailer: git-send-email 1.8.4.2 In-Reply-To: <096d31f102dec08830c6516348b4648515648006.1403881549.git.daniel@totalueberwachung.de> References: <096d31f102dec08830c6516348b4648515648006.1403881549.git.daniel@totalueberwachung.de> In-Reply-To: <096d31f102dec08830c6516348b4648515648006.1403881549.git.daniel@totalueberwachung.de> References: <096d31f102dec08830c6516348b4648515648006.1403881549.git.daniel@totalueberwachung.de> X-Spam-Score: -0.0 (/) Cc: Daniel Willmann X-BeenThere: openbsc@lists.osmocom.org X-Mailman-Version: 2.1.13 Precedence: list List-Id: Development of the OpenBSC GSM base station controller List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: openbsc-bounces@lists.osmocom.org Errors-To: openbsc-bounces@lists.osmocom.org Make the llc_default_params structure from which data is initialized large enough. Otherwise address sanitizer complains with out-of-bounds reads. --- openbsc/src/gprs/gprs_llc.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/openbsc/src/gprs/gprs_llc.c b/openbsc/src/gprs/gprs_llc.c index 70fe9dd..e6b1f07 100644 --- a/openbsc/src/gprs/gprs_llc.c +++ b/openbsc/src/gprs/gprs_llc.c @@ -84,7 +84,7 @@ static int _bssgp_tx_dl_ud(struct msgb *msg, struct sgsn_mm_ctx *mmctx) /* Section 8.9.9 LLC layer parameter default values */ -static const struct gprs_llc_params llc_default_params[] = { +static const struct gprs_llc_params llc_default_params[NUM_SAPIS] = { [1] = { .t200_201 = 5, .n200 = 3,