aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAlexander Couzens <lynxis@fe80.eu>2020-12-09 23:32:22 +0100
committerlynxis lazus <lynxis@fe80.eu>2020-12-15 11:56:29 +0000
commitbac5b0153bb6559503e80cbda5a9c84ed2437f6f (patch)
tree891189e4e6bc719fb9bd7835fe6382ace285afd7
parentc782cec663fe3dae79331f4f29968c8c100348a7 (diff)
gprs_ns2: on ns2_create_vc parse the tlv before using it
reject_status_msg require a parsed tlv. Otherwise an uninitialized tlv is passed. Change-Id: I82cab518966b8b49c3522ff5f7b6f82d1027a526
-rw-r--r--src/gb/gprs_ns2.c18
1 files changed, 9 insertions, 9 deletions
diff --git a/src/gb/gprs_ns2.c b/src/gb/gprs_ns2.c
index fd016e6d..9d5a97ca 100644
--- a/src/gb/gprs_ns2.c
+++ b/src/gb/gprs_ns2.c
@@ -798,6 +798,15 @@ enum gprs_ns2_cs ns2_create_vc(struct gprs_ns2_vc_bind *bind,
if (msg->len < sizeof(struct gprs_ns_hdr))
return GPRS_NS2_CS_ERROR;
+ rc = ns2_tlv_parse(&tp, nsh->data,
+ msgb_l2len(msg) - sizeof(*nsh), 0, 0);
+ if (rc < 0) {
+ LOGP(DLNS, LOGL_ERROR, "Rx NS RESET Error %d during "
+ "TLV Parse\n", rc);
+ /* TODO: send invalid message back */
+ return GPRS_NS2_CS_REJECTED;
+ }
+
switch (nsh->pdu_type) {
case NS_PDUT_STATUS:
/* Do not respond, see 3GPP TS 08.16, 7.5.1 */
@@ -840,15 +849,6 @@ enum gprs_ns2_cs ns2_create_vc(struct gprs_ns2_vc_bind *bind,
return GPRS_NS2_CS_REJECTED;
}
- rc = ns2_tlv_parse(&tp, nsh->data,
- msgb_l2len(msg) - sizeof(*nsh), 0, 0);
- if (rc < 0) {
- LOGP(DLNS, LOGL_ERROR, "Rx NS RESET Error %d during "
- "TLV Parse\n", rc);
- /* TODO: send invalid message back */
- return GPRS_NS2_CS_REJECTED;
- }
-
if (!TLVP_PRES_LEN(&tp, NS_IE_CAUSE, 1) ||
!TLVP_PRES_LEN(&tp, NS_IE_VCI, 2) || !TLVP_PRES_LEN(&tp, NS_IE_NSEI, 2)) {
LOGP(DLNS, LOGL_ERROR, "NS RESET Missing mandatory IE\n");