Actions
Feature #2565
closedverify hex key sizes read from DB
Start date:
10/10/2017
Due date:
% Done:
100%
Spec Reference:
Description
currently, osmo-hlr reads auth data from the DB as strings and uses osmo_hexparse() without verifying the resulting size.
Write a test suite and make sure wrong key sizes are complained about and error handling is in place.
Note that there is a code snippet #if'd out in db_auc.c:
aud2g->algo = sqlite3_column_int(stmt, 1); ki = sqlite3_column_text(stmt, 2); #if 0 if (sqlite3_column_bytes(stmt, 2) != sizeof(aud2g->u.gsm.ki)) { LOGAUC(imsi, LOGL_ERROR, "Error reading Ki: %d\n", rc); goto end_2g; } #endif
Updated by osmith over 4 years ago
- % Done changed from 0 to 90
Patch submitted:
https://gerrit.osmocom.org/q/topic:verify-hex-key-size
Updated by osmith over 4 years ago
- Status changed from In Progress to Resolved
- % Done changed from 90 to 100
Actions