very dirty fix for some out of buffer memory access

TO BE DONE PROPERLY AT SOME POINT!! git-svn-id: http://svn.eurecom.fr/openair4G/trunk@7791 818b1a75-f10b-46b9-bf7c-635c3b92a50f

very dirty fix for some out of buffer memory access
TO BE DONE PROPERLY AT SOME POINT!! git-svn-id: http://svn.eurecom.fr/openair4G/trunk@7791 818b1a75-f10b-46b9-bf7c-635c3b92a50f
993d911d · roux · 5eb49567 · 993d911d
Commit 993d911d authored Sep 02, 2015 by roux
Hide whitespace changes
Inline Side-by-side

Showing with 6 additions and 1 deletion

openair-cn/GTPV1-U/nw-gtpv1u/src/NwGtpv1u.c openair-cn/GTPV1-U/nw-gtpv1u/src/NwGtpv1u.c +6 -1

No files found.
--- a/openair-cn/GTPV1-U/nw-gtpv1u/src/NwGtpv1u.c
+++ b/openair-cn/GTPV1-U/nw-gtpv1u/src/NwGtpv1u.c
@@ -630,10 +630,15 @@ nwGtpv1uHandleEchoReq(NW_IN NwGtpv1uStackT *thiz,

  bufLen = sizeof(NwGtpv1uIeTv1T)+ ((NwGtpv1uMsgT*)hMsg)->msgLen;

+#warning CROUX DIRTY +16, TO BE FIXED!!!
+  /* the +16 is there because by analyzing memory allocation with some external
+   * tool, I saw that there were 6 bytes accessed after bufLen in nwGtpv1uCreateAndSendMsg
+   * the value "16" has been chosen arbitrarily, just bigger than 6
+   */
  ((NwGtpv1uMsgT*)hMsg)->msgBuf = itti_malloc(
                                    TASK_GTPV1_U,
                                    TASK_UDP,
-                                    bufLen);
+                                    bufLen + 16 /* CROUX - dirty +16, to be fixed! */);
  ((NwGtpv1uMsgT*)hMsg)->msgBufLen    = bufLen;
  NW_ASSERT(NW_GTPV1U_OK == rc);