From cb724a348482848e2cba34c19ac45afad87fbee6 Mon Sep 17 00:00:00 2001 From: Neels Hofmeyr Date: Thu, 11 Aug 2022 15:57:40 +0200 Subject: gtlv: check memory bounds 1/3: encoding TLV Introduce a maximum bound of memory access to the osmo_gtlv API. Properly pass const-ness within the gtlv implementation. This patch adds membof_const(). The following patch will add the non-const membof() equivalent, which is not needed in this patch, yet. Coverity CID#275417 drew my attention to the fact that the gtlv decoding and encoding does not actually guard against access past the end of the decoded struct. We have not yet officially released libosmo-gtlv; also, osmo-upf and osmo-hnbgw so far only use the libosmo-pfcp API, which "hides" the gtlv API. Hence just change the API without a backwards compat shim. Related: CID#275417 Related: SYS#5599 Change-Id: Id8d997c9d5e655ff1842ec69eab6c073875c6330 --- src/libosmo-gtlv/gtlv_gen.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'src/libosmo-gtlv/gtlv_gen.c') diff --git a/src/libosmo-gtlv/gtlv_gen.c b/src/libosmo-gtlv/gtlv_gen.c index fd3fbd9..9fe4b0c 100644 --- a/src/libosmo-gtlv/gtlv_gen.c +++ b/src/libosmo-gtlv/gtlv_gen.c @@ -388,7 +388,8 @@ static void write_c() "int %s_ies_encode(struct osmo_gtlv_put *gtlv, const union %s_ies *src,\n" " %s message_type, osmo_gtlv_err_cb err_cb, void *err_cb_data, const struct value_string *iei_strs)\n" "{\n" - " return osmo_gtlvs_encode(gtlv, src, 0, %s_get_msg_coding(message_type), err_cb, err_cb_data, iei_strs);\n" + " return osmo_gtlvs_encode(gtlv, src, sizeof(*src), 0, %s_get_msg_coding(message_type),\n" + " err_cb, err_cb_data, iei_strs);\n" "}\n", g_cfg->proto_name, g_cfg->proto_name, g_cfg->message_type_enum ? : "int", g_cfg->proto_name); printf("\n" -- cgit v1.2.3
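Review bot: the bound the generated code now passes is sizeof(*src), which is the size of the whole union %s_ies, not the size of the member struct that %s_get_msg_coding(message_type) will actually walk. That is still a valid upper bound on the caller's object (the union is at least as large as any of its members), so it does stop osmo_gtlvs_encode() from reading past the end of the allocation, but it will not catch a coding table whose offsets run past the end of the selected message struct into the space occupied by a larger sibling member. If the generator has the per-message struct type available at this point, consider emitting that struct's size instead; if not, a one-line comment in the generated call (or in the commit message) stating that the check is deliberately against the union size would save the next reader from assuming per-message precision. Also, the new argument is inserted as the third parameter, between src and the existing offset 0:
    return osmo_gtlvs_encode(gtlv, src, sizeof(*src), 0, %s_get_msg_coding(message_type),
The matching change to the osmo_gtlvs_encode() prototype in gtlv.c is not visible in this file-limited view of the commit, so the argument order should be checked against the updated declaration before merging, since a mismatch between a size_t and an int offset would not necessarily be caught by the compiler.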