From 3f58f4f5260be9e9e46bc50382768563a5ce2bcd Mon Sep 17 00:00:00 2001
From: Denis Kenzior <denkenz@gmail.com>
Date: Thu, 29 Feb 2024 11:42:28 -0600
Subject: [PATCH 2/4] smsutil: Check cbs_dcs_decode return value

It is better to explicitly check the return value of cbs_dcs_decode
instead of relying on udhi not being changed due to side-effects.

CVE: CVE-2023-2794

Upstream-Status: Backport [https://git.kernel.org/pub/scm/network/ofono/ofono.git/commit/?id=7f2adfa22fbae824f8e2c3ae86a3f51da31ee400]

Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
---
 src/smsutil.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/smsutil.c b/src/smsutil.c
index d3844f3..cfa157a 100644
--- a/src/smsutil.c
+++ b/src/smsutil.c
@@ -1765,7 +1765,8 @@ gboolean sms_udh_iter_init_from_cbs(const struct cbs *cbs,
	const guint8 *hdr;
	guint8 max_ud_len;

-	cbs_dcs_decode(cbs->dcs, &udhi, NULL, NULL, NULL, NULL, NULL);
+	if (!cbs_dcs_decode(cbs->dcs, &udhi, NULL, NULL, NULL, NULL, NULL))
+		return FALSE;

	if (!udhi)
		return FALSE;
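Review bot: The new early return on `cbs_dcs_decode` failure has no comment saying why decoding must stop here, and the reason is security-relevant: `cbs->dcs` presumably comes from a received cell-broadcast page, and the `if (!udhi)` test right after it decides whether the rest of the function treats the payload as carrying a user-data header. I would add above the check `/* Reject an undecodable DCS before any UDH parsing; udhi is only meaningful on success */`. The declaration of `udhi` is outside the hunk, so it is not visible whether it has an initialiser; if it does, keep it as defence in depth, and if it does not, add `= FALSE` so a later refactor cannot reintroduce a read of an unset flag. The body of `sms_udh_iter_init_from_cbs` starts and continues outside the hunk, so the header-length checks that follow could not be reviewed here.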
--
2.40.0
