mm-sms-part-3gpp: avoid buffer overflow if packed data is too large (!1055) · Merge requests · Mobile broadband connectivity / ModemManager

Eric Caruso requested to merge ejcaruso/ModemManager:fix-sms-pdu-builder into main Aug 30, 2023

With GSM7 encoding, packedlen is the length of the unpacked string after expanding septets to octets so it will be ~14% bigger than the original string length. This means we have to be careful not to copy too much data into the PDU buffer.

Similar issues exist in other branches of the same function.

Fixes #768. Thanks rhezashan@gmail.com for the report.

Edited Aug 30, 2023 by Eric Caruso

Admin message

mm-sms-part-3gpp: avoid buffer overflow if packed data is too large

Merge request reports