diff options
authorPau Espin Pedrol <pespin@sysmocom.de>2020-04-07 13:15:36 +0200
committerPau Espin Pedrol <pespin@sysmocom.de>2020-04-07 13:15:38 +0200
commit63ebc368affaac2b8bd30716e3df48e00c2e126b (patch)
parentf62f073c797bc68a28a75d22cbf2e74c889b7a72 (diff)
gsm0503_coding: Fix USF encoding in MCS1-4
osmo-gsm-tester raised an ASan warning in osmo-bts-trx during execution of a test with EGPRS enabled and a modem connecting to it (see OS#4483 for full trace): ==12388==ERROR: AddressSanitizer: global-buffer-overflow on address 0x7fa20b9ab8d0 at pc 0x7fa20b982894 bp 0x7ffdfea8b9c0 sp 0x7ffdfea8b9b8 READ of size 1 at 0x7fa20b9ab8d0 thread T0 #0 0x7fa20b982893 in gsm0503_mcs1_dl_interleave /home/osmocom-build/jenkins/workspace/osmo-gsm-tester_build-osmo-bts/libosmocore/src/coding/gsm0503_interleaving.c:165 Function gsm0503_mcs1_dl_interleave() was being passed the 6-bit USF encoding while clrearly expecting a 12 element array. TS 05.03 "USF precoding" also clearly states that 12bit encoding is to be used for MCS1-4. Fixes: OS#4483 Change-Id: I94db14de770070b17894a9071aa14391d26e776c
1 files changed, 1 insertions, 1 deletions
diff --git a/src/coding/gsm0503_coding.c b/src/coding/gsm0503_coding.c
index 9449f4b5..55924330 100644
--- a/src/coding/gsm0503_coding.c
+++ b/src/coding/gsm0503_coding.c
@@ -1176,7 +1176,7 @@ static int egprs_type3_map(ubit_t *bursts, const ubit_t *hc, const ubit_t *dc, i
ubit_t iB[456];
const ubit_t *hl_hn = gsm0503_pdtch_hl_hn_ubit[3];
- gsm0503_mcs1_dl_interleave(gsm0503_usf2six[usf], hc, dc, iB);
+ gsm0503_mcs1_dl_interleave(gsm0503_usf2twelve_ubit[usf], hc, dc, iB);
for (i = 0; i < 4; i++) {
gsm0503_xcch_burst_map(&iB[i * 114], &bursts[i * 116],