diff options
| author | Aleksander Morgado <aleksander@aleksander.es> | 2015-09-24 21:13:26 +0200 |
|---|---|---|
| committer | Aleksander Morgado <aleksander@aleksander.es> | 2015-09-24 21:13:26 +0200 |
| commit | d281b9bddb6440ae00d7e8ec507b27e7a6cfabb3 (patch) | |
| tree | 3ef273af6162d4fff27c6a5591e1666c983f3a4e | |
| parent | 51447bd06bc8e06667843a3921a95a299ce2333d (diff) | |
| download | ModemManager-d281b9bddb6440ae00d7e8ec507b27e7a6cfabb3.tar.gz | |
broadband-modem-qmi: fix invalid read
Breakpoint 2, g_log (log_domain=log_domain@entry=0x7ffff6ad744e "GLib", log_level=log_level@entry=G_LOG_LEVEL_CRITICAL, format=format@entry=0x7ffff6ae0c1d "%s: assertion '%s' failed") at gmessages.c:1075
1075 {
(gdb) bt
#0 0x00007ffff6a71b20 in g_log (log_domain=log_domain@entry=0x7ffff6ad744e "GLib", log_level=log_level@entry=G_LOG_LEVEL_CRITICAL, format=format@entry=0x7ffff6ae0c1d "%s: assertion '%s' failed")
at gmessages.c:1075
#1 0x00007ffff6a71be9 in g_return_if_fail_warning (log_domain=log_domain@entry=0x7ffff6ad744e "GLib", pretty_function=pretty_function@entry=0x7ffff6b316a0 <__FUNCTION__.5266> "g_variant_new_string", expression=expression@entry=0x7ffff6b2f1e8 "g_utf8_validate (string, -1, NULL)") at gmessages.c:1088
#2 0x00007ffff6a9e925 in g_variant_new_string (string=0x7cf850 "260\366\377\177") at gvariant.c:1230
#3 0x00007ffff7068cfe in g_dbus_gvalue_to_gvariant (gvalue=gvalue@entry=0x7fffffffdec0, type=0x7ffff7b9df91) at gdbusutils.c:604
#4 0x00007ffff7b8f1eb in _mm_gdbus_modem3gpp_skeleton_handle_get_property (connection=<optimized out>, sender=sender@entry=0x0, object_path=object_path@entry=0x7bd340 "/org/freedesktop/ModemManager1/Modem/1", interface_name=interface_name@entry=0x7ffff7b97320 "org.freedesktop.ModemManager1.Modem.Modem3gpp", property_name=property_name@entry=0x7ffff7baa0a4 "OperatorCode", error=error@entry=0x0, user_data=0x799ab0)
at mm-gdbus-modem.c:19680
#5 0x00007ffff7b8f894 in mm_gdbus_modem3gpp_skeleton_dbus_interface_get_properties (_skeleton=<optimized out>) at mm-gdbus-modem.c:19759
#6 0x00007ffff708e791 in g_dbus_interface_skeleton_get_properties (interface_=0x799ab0 [MmGdbusModem3gppSkeleton]) at gdbusinterfaceskeleton.c:371
#7 0x00007ffff70937a2 in manager_method_call (connection=<optimized out>, sender=sender@entry=0x7fffe0005200 ":1.270", object_path=object_path@entry=0x7fffe0002fd0 "/org/freedesktop/ModemManager1", interface_name=interface_name@entry=0x7fffe0002dd0 "org.freedesktop.DBus.ObjectManager", method_name=method_name@entry=0x7fffe00059e0 "GetManagedObjects", parameters=parameters@entry=0x7c1e70, invocation=0x7fffe0003260 [GDBusMethodInvocation], user_data=0x713cd0) at gdbusobjectmanagerserver.c:845
#8 0x00007ffff7076aac in call_in_idle_cb (user_data=0x7fffe0003260) at gdbusconnection.c:4884
#9 0x00007ffff6a6a7fb in g_main_context_dispatch (context=0x713a00) at gmain.c:3111
#10 0x00007ffff6a6a7fb in g_main_context_dispatch (context=context@entry=0x713a00) at gmain.c:3710
#11 0x00007ffff6a6ab98 in g_main_context_iterate (context=0x713a00, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>) at gmain.c:3781
#12 0x00007ffff6a6aec2 in g_main_loop_run (loop=0x71bf50) at gmain.c:3975
#13 0x0000000000430e57 in main (argc=<optimized out>, argv=<optimized out>) at main.c:150
| -rw-r--r-- | src/mm-broadband-modem-qmi.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/src/mm-broadband-modem-qmi.c b/src/mm-broadband-modem-qmi.c index 1054d5329..4816df3b0 100644 --- a/src/mm-broadband-modem-qmi.c +++ b/src/mm-broadband-modem-qmi.c @@ -4278,10 +4278,10 @@ process_common_info (QmiNasServiceStatus service_status, *mm_operator_id = g_malloc (7); memcpy (*mm_operator_id, mcc, 3); if (mnc[2] == 0xFF) { - memcpy (*mm_operator_id, mnc, 2); + memcpy (&((*mm_operator_id)[3]), mnc, 2); (*mm_operator_id)[5] = '\0'; } else { - memcpy (*mm_operator_id, mnc, 3); + memcpy (&((*mm_operator_id)[3]), mnc, 3); (*mm_operator_id)[6] = '\0'; } } |