Project

General

Profile

Feature #2565

verify hex key sizes read from DB

Added by neels almost 2 years ago. Updated 26 days ago.

Status:
Resolved
Priority:
Normal
Assignee:
Target version:
-
Start date:
10/10/2017
Due date:
% Done:

100%


Description

currently, osmo-hlr reads auth data from the DB as strings and uses osmo_hexparse() without verifying the resulting size.
Write a test suite and make sure wrong key sizes are complained about and error handling is in place.

Note that there is a code snippet #if'd out in db_auc.c:

               aud2g->algo = sqlite3_column_int(stmt, 1);
               ki = sqlite3_column_text(stmt, 2);
#if 0
               if (sqlite3_column_bytes(stmt, 2) != sizeof(aud2g->u.gsm.ki)) {
                       LOGAUC(imsi, LOGL_ERROR, "Error reading Ki: %d\n", rc);
                       goto end_2g;
               }
#endif

History

#1 Updated by laforge about 1 month ago

  • Assignee set to osmith

#2 Updated by osmith about 1 month ago

  • Status changed from New to In Progress

#3 Updated by osmith about 1 month ago

  • % Done changed from 0 to 90

#4 Updated by osmith 26 days ago

  • Status changed from In Progress to Resolved
  • % Done changed from 90 to 100

Also available in: Atom PDF

Add picture from clipboard (Maximum size: 48.8 MB)