ubports-cn/ofono
1
0
Fork 0
forked from sailfishos/ofono
Code Issues Pull Requests Projects Releases Wiki Activity

smsutil: Validate the length of the address field

Browse Source 
This addresses CVE-2023-4233.
This commit is contained in:
Denis Grigorev
2023-12-29 13:30:04 +03:00
committed by Matti Lehtimäki
parent 278f28d15c
commit bb7d65f41a
1 changed files with 4 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
ofono/src/smsutil.c
View File

@@ -628,6 +628,10 @@ gboolean sms_decode_address_field(const unsigned char *pdu, int len,
if (!next_octet(pdu, len, offset, &addr_len))
return FALSE;
/* According to 23.040 9.1.2.5 Address-Length must not exceed 20 */
if (addr_len > 20)
return FALSE;
if (sc && addr_len == 0) {
out->address[0] = '\0';
return TRUE;