diff options
-rw-r--r-- | include/osmocom/gsm/ipa.h | 5 | ||||
-rw-r--r-- | src/gsm/ipa.c | 16 | ||||
-rw-r--r-- | src/gsm/libosmogsm.map | 1 |
3 files changed, 16 insertions, 6 deletions
diff --git a/include/osmocom/gsm/ipa.h b/include/osmocom/gsm/ipa.h index ec143d0e..93cb1bf1 100644 --- a/include/osmocom/gsm/ipa.h +++ b/include/osmocom/gsm/ipa.h @@ -28,6 +28,8 @@ const char *ipa_ccm_idtag_name(uint8_t tag); int ipa_ccm_idtag_parse(struct tlv_parsed *dec, unsigned char *buf, int len) OSMO_DEPRECATED("Use ipa_ccm_id_{get,resp}_parse instead"); +int ipa_ccm_idtag_parse_off(struct tlv_parsed *dec, unsigned char *buf, int len, const int len_offset) + OSMO_DEPRECATED("Use ipa_ccm_id_{get,resp}_parse instead"); /* parse payload of IPA CCM ID GET into a osmocom TLV style representation */ int ipa_ccm_id_get_parse(struct tlv_parsed *dec, const uint8_t *buf, unsigned int len); @@ -35,9 +37,6 @@ int ipa_ccm_id_get_parse(struct tlv_parsed *dec, const uint8_t *buf, unsigned in /* parse payload of IPA CCM ID RESP into a osmocom TLV style representation */ int ipa_ccm_id_resp_parse(struct tlv_parsed *dec, const uint8_t *buf, unsigned int len); -/* Is the TAG included in the length field? */ -int ipa_ccm_idtag_parse_off(struct tlv_parsed *dec, unsigned char *buf, int len, const int len_offset); - /* parse an Unit ID in string format into the 'ipaccess_unit' data structure */ int ipa_parse_unitid(const char *str, struct ipaccess_unit *unit_data); diff --git a/src/gsm/ipa.c b/src/gsm/ipa.c index 3c7c300b..508cc13d 100644 --- a/src/gsm/ipa.c +++ b/src/gsm/ipa.c @@ -100,6 +100,11 @@ const char *ipa_ccm_idtag_name(uint8_t tag) int ipa_ccm_idtag_parse(struct tlv_parsed *dec, unsigned char *buf, int len) { + return ipa_ccm_idtag_parse_off(dec, buf, len, 0); +} + +int ipa_ccm_idtag_parse_off(struct tlv_parsed *dec, unsigned char *buf, int len, const int len_offset) +{ uint8_t t_len; uint8_t t_tag; uint8_t *cur = buf; @@ -111,6 +116,11 @@ int ipa_ccm_idtag_parse(struct tlv_parsed *dec, unsigned char *buf, int len) t_len = *cur++; t_tag = *cur++; + if (t_len < len_offset) { + LOGP(DLMI, LOGL_ERROR, "minimal offset not included: %d < %d\n", t_len, len_offset); + return -EINVAL; + } + if (t_len > len + 1) { LOGP(DLMI, LOGL_ERROR, "The tag does not fit: %d > %d\n", t_len, len + 1); return -EINVAL; @@ -118,11 +128,11 @@ int ipa_ccm_idtag_parse(struct tlv_parsed *dec, unsigned char *buf, int len) DEBUGPC(DLMI, "%s='%s' ", ipa_ccm_idtag_name(t_tag), cur); - dec->lv[t_tag].len = t_len; + dec->lv[t_tag].len = t_len - len_offset; dec->lv[t_tag].val = cur; - cur += t_len; - len -= t_len; + cur += t_len - len_offset; + len -= t_len - len_offset; } return 0; } diff --git a/src/gsm/libosmogsm.map b/src/gsm/libosmogsm.map index a1d342aa..2bb9d97c 100644 --- a/src/gsm/libosmogsm.map +++ b/src/gsm/libosmogsm.map @@ -461,6 +461,7 @@ ipa_ccm_send_pong; ipa_ccm_tlv_to_unitdata; ipa_ccm_idtag_name; ipa_ccm_idtag_parse; +ipa_ccm_idtag_parse_off; ipa_ccm_id_get_parse; ipa_ccm_id_resp_parse; ipa_ccm_make_id_resp; |