I was getting crashes while processing an S1AP (APER encoding) trace, so after some debugging I found you can get into this else block after going through line 42:
if(value) ct = 0; /* Not restricted */
which nullifies ct.
So I just added a null-guard before trying to access ct->{upper, lower}_bound.
I'm no ASN expert at all, so I'm not sure this fix is not causing problems down the line, but at least with my trace everything seems to be working fine now: I can get to the end with no crashes and it seems to correctly process the message that was crashing before...
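The pattern described above, as an added example that is not code from this pull request or from the project: once the extension bit clears `ct`, the bounds may only be read behind a null check, and the decoder needs a separate path for the unrestricted case. `constraint_t`, `bitreader_t`, `get_bits` and `decode_constrained` are hypothetical names, and the bit layout is a simplified model (no alignment, unsigned values only), not a conformant APER decoder.

```c
#include <stddef.h>
#include <stdint.h>

/* Hypothetical stand-ins: only the bounds named in the post are modelled. */
typedef struct { long lower_bound, upper_bound; int extensible; } constraint_t;
typedef struct { const uint8_t *buf; size_t nbits, pos; } bitreader_t;

/* Read n bits MSB-first (n <= 31); returns -1 when the input is exhausted. */
static long get_bits(bitreader_t *br, unsigned n) {
    long v = 0;
    if (n > br->nbits - br->pos) return -1;
    while (n--) {
        v = (v << 1) | ((br->buf[br->pos >> 3] >> (7 - (br->pos & 7))) & 1);
        br->pos++;
    }
    return v;
}

/* Decode one integer. Returns 0 on success, -1 on truncated or invalid input. */
int decode_constrained(bitreader_t *br, const constraint_t *ct, long *out) {
    if (ct && ct->extensible) {
        long value = get_bits(br, 1);   /* extension bit */
        if (value < 0) return -1;
        if (value) ct = 0;              /* Not restricted: ct is NULL from here on */
    }
    if (ct) {                           /* null-guard: bounds are read only if ct survived */
        unsigned long range = (unsigned long)(ct->upper_bound - ct->lower_bound);
        unsigned bits = 0;
        while (bits < 31 && (range >> bits)) bits++;
        long off = get_bits(br, bits);
        if (off < 0 || (unsigned long)off > range) return -1;
        *out = ct->lower_bound + off;
        return 0;
    }
    /* Unrestricted path (simplified): one length octet, then that many value octets. */
    long len = get_bits(br, 8);
    if (len < 1 || len > 3) return -1;
    long v = 0;
    for (long i = 0; i < len; i++) {
        long b = get_bits(br, 8);
        if (b < 0) return -1;
        v = (v << 8) | b;
    }
    *out = v;
    return 0;
}
```

Without the `if (ct)` check, the second and third inputs in a run like the one tested here (extension bit set) would dereference a null pointer instead of decoding or failing cleanly.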