diff options
authorHarald Welte <laforge@gnumonks.org>2017-04-27 12:09:29 +0200
committerHarald Welte <laforge@gnumonks.org>2017-04-27 12:09:29 +0200
commit6fa19331784dabd49eba9778e3fe1ad0d60d340c (patch)
parent023d4f962b73aef5ef12af3b5a910fd1c80a26d5 (diff)
sclc_rx_cldr(): Don't try to dereference user data_ie without check
While the SUA / SCCP2SUA code is ensuring that mandatory information elements such as the user data IE in a CLD$ message, we might still have current or future callers of sclc_rx_cldr() that don't comply with that. So let's make sure data_ie is valid before dereferencing it. Change-Id: I7c1010b0ac82ee0b7bd5e2c7413899695eae0070 Fixes: coverity CID#166940
1 files changed, 5 insertions, 0 deletions
diff --git a/src/sccp_sclc.c b/src/sccp_sclc.c
index 262b2c0..8f9e577 100644
--- a/src/sccp_sclc.c
+++ b/src/sccp_sclc.c
@@ -204,6 +204,11 @@ static int sclc_rx_cldr(struct osmo_sccp_instance *inst, struct xua_msg *xua)
struct msgb *upmsg = sccp_msgb_alloc(__func__);
struct osmo_sccp_user *scu;
+ if (!data_ie) {
+ LOGP(DLSCCP, LOGL_ERROR, "SCCP/SUA CLDR without user data?!?\n");
+ return -1;
+ }
/* fill primitive */
prim = (struct osmo_scu_prim *) msgb_put(upmsg, sizeof(*prim));
param = &prim->u.notice;