Le 24/03/2013 00:57, Evan Huus a �crit :
> On Sat, Mar 23, 2013 at 6:39 PM, Jaap Keuter <jaap.keuter@xxxxxxxxx> wrote:
>> On 03/23/2013 10:07 PM, Evan Huus wrote:
>>> Am I correct in thinking that in packet-gsm_a_dtap.c around line 6432,
>>> if match_strval_idx doesn't find a match then we will access invalid
>>> memory because idx will be used as an array index with value -1?
>>>
>>> Evan
>> Unless gsm_a_dtap_msg_cc_strings contains 64 entries it seems so yes.
> Filed as bug #8517.
Hi Evan,
actually those wrong array index will never be used thanks to the
following lines 6503 and 6622:
if (msg_str == NULL)
{
...
}
else
{
use ett_tree
}
and
if (msg_str == NULL) return;
...
use dtap_msg_fcn
So the invalid memory accesses will never occur.
I made it a bit more obvious in r48520.
Unless you spotted another place in the source code, I suggest closing
bug 8517.
Regards,
Pascal.
