aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorVadim Yanitskiy <axilirator@gmail.com>2019-05-07 04:02:24 +0700
committerHarald Welte <laforge@gnumonks.org>2019-05-07 06:30:46 +0000
commit13245d98c278612c49e141984c735b52ccc61203 (patch)
tree3eebeb03aff008ce12647204a120d12938fc006a
parenta77798f681afd9fa64e6f026e6e9e9ab41aeea6b (diff)
handover_fsm.c: fix: prevent possible buffer overflow
Change-Id: If51f8f82d3b2462cb7d7a531fe4411509344842b Fixes: CID#197643
-rw-r--r--src/osmo-bsc/handover_fsm.c1
1 files changed, 1 insertions, 0 deletions
diff --git a/src/osmo-bsc/handover_fsm.c b/src/osmo-bsc/handover_fsm.c
index 442f7be..22618c5 100644
--- a/src/osmo-bsc/handover_fsm.c
+++ b/src/osmo-bsc/handover_fsm.c
@@ -637,6 +637,7 @@ void handover_start_inter_bsc_in(struct gsm_subscriber_connection *conn,
if (req->ei.key_len > sizeof(info.encr.key)) {
ho_fail(HO_RESULT_ERROR, "Encryption Information IE key length is too large: %u\n",
req->ei.key_len);
+ return;
}
memcpy(info.encr.key, req->ei.key, req->ei.key_len);
info.encr.key_len = req->ei.key_len;