diff options
author | Aleksander Morgado <aleksander@lanedo.com> | 2013-04-18 14:43:06 +0200 |
---|---|---|
committer | Aleksander Morgado <aleksander@lanedo.com> | 2013-04-18 14:43:37 +0200 |
commit | 95274bfa2327a5fec59db33ca94463f4f9baff9c (patch) | |
tree | e0d07018782da39c6d66501587500b093c5d9adb | |
parent | 9fa5b9001a4a61128aa894941062d8e6d025e101 (diff) |
sms-part: check UDH length vs available size before trying to read it
https://bugzilla.gnome.org/show_bug.cgi?id=698246
-rw-r--r-- | src/mm-sms-part.c | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/src/mm-sms-part.c b/src/mm-sms-part.c index e68a25b6..a5e8b33c 100644 --- a/src/mm-sms-part.c +++ b/src/mm-sms-part.c @@ -779,6 +779,8 @@ mm_sms_part_new_from_binary_pdu (guint index, udhl = pdu[tp_user_data_offset] + 1; end = tp_user_data_offset + udhl; + PDU_SIZE_CHECK (tp_user_data_offset + udhl, "cannot read UDH"); + for (offset = tp_user_data_offset + 1; (offset + 1) < end;) { guint8 ie_id, ie_len; @@ -853,7 +855,9 @@ mm_sms_part_new_from_binary_pdu (guint index, { GByteArray *raw; - mm_dbg ("Skipping SMS text: Unknown encoding"); + mm_dbg ("Skipping SMS text: Unknown encoding (0x%02X)", user_data_encoding); + + PDU_SIZE_CHECK (tp_user_data_offset + tp_user_data_size_bytes, "cannot read user data"); /* 8-bit encoding is usually binary data, and we have no idea what * actual encoding the data is in so we can't convert it. |