[asterisk-bugs] [JIRA] (SS7-38) Wrong LSSU size

Rusty Newton (JIRA) noreply at issues.asterisk.org
Tue Jun 17 18:54:56 CDT 2014


     [ https://issues.asterisk.org/jira/browse/SS7-38?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Rusty Newton closed SS7-38.
---------------------------

    Resolution: Fixed

Fixed in [LibSS7 2.0.0|http://downloads.asterisk.org/pub/telephony/libss7/ChangeLog-2.0.0]

> Wrong LSSU size
> ---------------
>
>                 Key: SS7-38
>                 URL: https://issues.asterisk.org/jira/browse/SS7-38
>             Project: LibSS7
>          Issue Type: Bug
>          Components: General
>            Reporter: tian
>            Severity: Minor
>
> SVN Rev.: 269
> Source file: mtp2.c
> Lines: 650-651
> A snippet of the buggy code is reproduced below:
> static int lssu_rx(struct mtp2 *link, struct mtp_su_head *h, int len)
> {
>  unsigned char lssutype = lssu_type(h);
>  if (len > (LSSU_SIZE + 2))  /* FCS is two bytes */
>   mtp_error(link->master, "Received LSSU with length %d longer than expected\n", len);
> Because LSSU_SIZE is #defined to be 6, the if statement in the code above 
> translates to:
> if (len > (6 + 2))
>     mtp_error(link->master, "Received LSSU with length %d longer than expected\n", len);
> but LSSU is of fixed length (6 octets), so it's a bug! The above code will 
> fail to issue a warning message when an erroneous LSSU with length 7 or 8 is 
> received.
> ****** ADDITIONAL INFORMATION ******
> I am only reading the libss7 source code without a running Asterisk box.



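As an added example (not part of the original report and not libss7 code): a boundary sweep in C that uses the two constants given in the report, LSSU_SIZE = 6 and a two-byte FCS, to list the lengths the quoted check accepts without a warning. The function names and the stricter `len > LSSU_SIZE` bound are assumptions drawn from the reporter's description, not the fix that shipped in LibSS7 2.0.0.

```c
#include <stdio.h>

/* Values as given in the report: LSSU_SIZE is 6, FCS is two bytes. */
#define LSSU_SIZE 6
#define FCS_SIZE  2

/* Bound quoted in the report: a warning is raised only when len > 8. */
static int warns_as_reported(int len)
{
    return len > (LSSU_SIZE + FCS_SIZE);
}

/* Bound the reporter expects (assumption: LSSU_SIZE is the whole frame). */
static int warns_as_expected(int len)
{
    return len > LSSU_SIZE;
}

/*
 * Sweep lengths 0..max_len and record every length that the expected bound
 * flags but the reported bound lets through silently. Returns the number of
 * such lengths and stores up to out_cap of them in out[].
 */
static int silent_oversize_lengths(int max_len, int *out, int out_cap)
{
    int n = 0;
    for (int len = 0; len <= max_len; len++) {
        if (warns_as_expected(len) && !warns_as_reported(len)) {
            if (n < out_cap)
                out[n] = len;
            n++;
        }
    }
    return n;
}

int main(void)
{
    int missed[16];
    int n = silent_oversize_lengths(64, missed, 16);

    for (int i = 0; i < n && i < 16; i++)
        printf("len %d: oversize LSSU accepted without a warning\n", missed[i]);
    return 0;
}
```

A sweep like this works as a regression test for a length check: once the bound is corrected, the function should return zero missed lengths.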