The initial SimAuth implementation incorrectly parsed
the AUTS value as 16 bytes, not 14.
---
src/sim-auth.c | 2 +-
src/simutil.c | 9 +++++----
2 files changed, 6 insertions(+), 5 deletions(-)
diff --git a/src/sim-auth.c b/src/sim-auth.c
index 9ae5574..c0b2422 100644
--- a/src/sim-auth.c
+++ b/src/sim-auth.c
@@ -272,7 +272,7 @@ static void handle_umts(struct ofono_sim_auth *sim, const uint8_t
*resp,
"{say}", &dict);
if (auts) {
- append_dict_byte_array(&dict, "AUTS", auts, 16);
+ append_dict_byte_array(&dict, "AUTS", auts, 14);
} else {
append_dict_byte_array(&dict, "RES", res, 8);
append_dict_byte_array(&dict, "CK", ck, 16);
diff --git a/src/simutil.c b/src/simutil.c
index 8fbde15..2f49500 100644
--- a/src/simutil.c
+++ b/src/simutil.c
@@ -1657,7 +1657,7 @@ gboolean sim_parse_umts_authenticate(const unsigned char *buffer,
const unsigned char **ik, const unsigned char **auts,
const unsigned char **kc)
{
- if (len < 18 || !buffer)
+ if (len < 16 || !buffer)
return FALSE;
switch (buffer[0]) {
@@ -1695,16 +1695,17 @@ gboolean sim_parse_umts_authenticate(const unsigned char *buffer,
break;
case 0xdc:
- /* 'DB' + '10' + AUTS(16) = 18 */
- if (len < 18)
+ /* 'DC' + '0E' + AUTS(14) = 16 */
+ if (len < 16)
goto umts_end;
/* sync error */
- if (buffer[1] != 0x10)
+ if (buffer[1] != 0x0e)
goto umts_end;
*auts = buffer + 2;
+
break;
default:
goto umts_end;
--
2.7.4
Show replies by date
Hi James,
On 10/20/2017 12:40 PM, James Prestwood wrote:
The initial SimAuth implementation incorrectly parsed
the AUTS value as 16 bytes, not 14.
---
src/sim-auth.c | 2 +-
src/simutil.c | 9 +++++----
2 files changed, 6 insertions(+), 5 deletions(-)
Applied, thanks.
Regards,
-Denis