From a55caad039b80f24d604f38f7d3950d6830c8e11 Mon Sep 17 00:00:00 2001
From: Holger Hans Peter Freyther
Date: Mon, 20 Sep 2010 01:23:15 +0800
Subject: gsm0808: Fix the TLV definition of CIC and Service Handover The nat code stumbled over the CIC bug as it was detecting timeslot 0x1 as a new CIC and we were patching the data outside the actual packet... The TLV parser needs some better size checking too.
---
 src/gsm0808.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/gsm0808.c b/src/gsm0808.c
index 42a73b9f..636c2117 100644
--- a/src/gsm0808.c
+++ b/src/gsm0808.c
@@ -288,7 +288,7 @@ static const struct tlv_definition bss_att_tlvdef = {
 [GSM0808_IE_EMLPP_PRIORITY] = { TLV_TYPE_TV },
 [GSM0808_IE_CHANNEL_TYPE] = { TLV_TYPE_TLV },
 [GSM0808_IE_PRIORITY] = { TLV_TYPE_TLV },
- [GSM0808_IE_CIRCUIT_IDENTITY_CODE] = { TLV_TYPE_TV },
+ [GSM0808_IE_CIRCUIT_IDENTITY_CODE] = { TLV_TYPE_FIXED, 2 },
 [GSM0808_IE_DOWNLINK_DTX_FLAG] = { TLV_TYPE_TV },
 [GSM0808_IE_INTERFERENCE_BAND_TO_USE] = { TLV_TYPE_TV },
 [GSM0808_IE_CLASSMARK_INFORMATION_T2] = { TLV_TYPE_TLV },
@@ -296,7 +296,7 @@ static const struct tlv_definition bss_att_tlvdef = {
 [GSM0808_IE_TALKER_FLAG] = { TLV_TYPE_T },
 [GSM0808_IE_CONFIG_EVO_INDI] = { TLV_TYPE_TV },
 [GSM0808_IE_LSA_ACCESS_CTRL_SUPPR] = { TLV_TYPE_TV },
- [GSM0808_IE_SERVICE_HANDOVER] = { TLV_TYPE_TV},
+ [GSM0808_IE_SERVICE_HANDOVER] = { TLV_TYPE_TLV },
 [GSM0808_IE_ENCRYPTION_INFORMATION] = { TLV_TYPE_TLV },
 [GSM0808_IE_CIPHER_RESPONSE_MODE] = { TLV_TYPE_TV },
 [GSM0808_IE_CELL_IDENTIFIER] = { TLV_TYPE_TLV },
-- cgit v1.2.3
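Review bot: The corrected entries for `GSM0808_IE_CIRCUIT_IDENTITY_CODE` (first hunk) and `GSM0808_IE_SERVICE_HANDOVER` (second hunk) carry no comment explaining why they differ from the neighbouring `TLV_TYPE_TV` entries, although this table is what tells the parser how many octets of a peer-supplied message each element consumes. The commit message itself reports that the wrong CIC entry led to patching data outside the actual packet, so I would record the encoding next to each entry, for example `/* tag + 2 value octets, no length octet */` on the CIC line and `/* length octet follows the tag */` on the Service Handover line. A regression test that parses a message whose CIC has 0x1 as its second value octet (the case named in the commit message) would keep this from regressing, and the parser size checking that the message leaves open should be tracked separately, since a wrong table entry otherwise still walks past the buffer. The other `TLV_TYPE_TV` entries visible here are presumably worth checking against the specification in the same pass; `bss_att_tlvdef` starts and ends outside both hunks.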