Changes in libfdproto/messages.c [903:4382d7420e65:924:877592751fee] in freeDiameter
- File:
-
- 1 edited
libfdproto/messages.c
r903 r924 106 106 #define _A(_x) ((struct avp *)(_x)) 107 107 /* Check the type and eyecatcher */ 108 #define CHECK_AVP(_x) ((_ C(_x)->type == MSG_AVP) && (_A(_x)->avp_eyec == MSG_AVP_EYEC))108 #define CHECK_AVP(_x) ((_x) && (_C(_x)->type == MSG_AVP) && (_A(_x)->avp_eyec == MSG_AVP_EYEC)) 109 109 110 110 /* The following structure represents an instance of a message (command and children AVPs). */ … … 239 239 if (new->avp_rawlen) { 240 240 CHECK_MALLOC( new->avp_rawdata = malloc(new->avp_rawlen) ); 241 memset(new->avp_rawdata, 0x FF, new->avp_rawlen);241 memset(new->avp_rawdata, 0x00, new->avp_rawlen); 242 242 } 243 243 } … … 1216 1216 } 1217 1217 1218 /* Associate a session with a message, use only when the session was just created */ 1219 int fd_msg_sess_set(struct msg * msg, struct session * session) 1220 { 1221 TRACE_ENTRY("%p %p", msg, session); 1222 1223 /* Check we received valid parameters */ 1224 CHECK_PARAMS( CHECK_MSG(msg) ); 1225 CHECK_PARAMS( session ); 1226 CHECK_PARAMS( msg->msg_sess == NULL ); 1227 1228 msg->msg_sess = session; 1229 return 0; 1230 } 1231 1218 1232 1219 1233 /* Retrieve the session of the message */ … … 1261 1275 1262 1276 /* Resolve the session and we are done */ 1263 CHECK_FCT( fd_sess_fromsid_msg ( avp->avp_public.avp_value->os.data, avp->avp_public.avp_value->os.len, &msg->msg_sess, new) ); 1264 *session = msg->msg_sess; 1277 if (avp->avp_public.avp_value->os.len > 0) { 1278 CHECK_FCT( fd_sess_fromsid_msg ( avp->avp_public.avp_value->os.data, avp->avp_public.avp_value->os.len, &msg->msg_sess, new) ); 1279 *session = msg->msg_sess; 1280 } else { 1281 TRACE_DEBUG(FULL, "Session-Id AVP with 0-byte length found in message %p", msg); 1282 *session = NULL; 1283 } 1265 1284 1266 1285 return 0; … … 1648 1667 struct avp * avp; 1649 1668 1650 if (buflen - offset < =AVPHDRSZ_NOVEND) {1669 if (buflen - offset < AVPHDRSZ_NOVEND) { 1651 1670 TRACE_DEBUG(INFO, "truncated buffer: remaining only %d bytes", buflen - offset); 1652 1671 return 
EBADMSG; … … 1666 1685 1667 1686 if (avp->avp_public.avp_flags & AVP_FLAG_VENDOR) { 1668 if (buflen - offset < =4) {1687 if (buflen - offset < 4) { 1669 1688 TRACE_DEBUG(INFO, "truncated buffer: remaining only %d bytes for vendor and data", buflen - offset); 1670 1689 free(avp); … … 1676 1695 1677 1696 /* Check there is enough remaining data in the buffer */ 1678 if (buflen - offset < avp->avp_public.avp_len - GETAVPHDRSZ(avp->avp_public.avp_flags)) { 1697 if ( (avp->avp_public.avp_len > GETAVPHDRSZ(avp->avp_public.avp_flags)) 1698 && (buflen - offset < avp->avp_public.avp_len - GETAVPHDRSZ(avp->avp_public.avp_flags))) { 1679 1699 TRACE_DEBUG(INFO, "truncated buffer: remaining only %d bytes for data, and avp data size is %d", 1680 1700 buflen - offset,
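Review bot: In the last hunk, the reworked "enough remaining data" check only runs when `avp_len > GETAVPHDRSZ(flags)`, so an AVP whose declared length is smaller than its own header now skips the check instead of being rejected. Such a length is malformed, because the AVP Length field counts the header. If the code after this check (cut off on this page) still computes `avp_len - GETAVPHDRSZ(...)` to advance `offset` or size the data, that subtraction would presumably wrap. I would reject the case explicitly before the truncation test, `if (avp->avp_public.avp_len < GETAVPHDRSZ(avp->avp_public.avp_flags)) { free(avp); return EBADMSG; }`, mirroring the `free(avp)` cleanup visible in the vendor branch. The `buflen - offset < ...` comparisons in this loop also appear to rely on `offset <= buflen`, so it is worth confirming that padding cannot push `offset` past `buflen` if these are unsigned.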